<cfquery datasource="#siteowner#">
INSERT INTO InventoryData (SellerID, Crate, Weight, Size, Content)
VALUES (#cookie.BoothSeller#, '#evaluate("FORM.CRATE" & i)#',
'#evaluate("FORM.W" & i)#','#evaluate("FORM.SZ" & i)#','#evaluate("FORM.D" &
i)#')
</cfquery>
AH! I bet the evalutes are causing the single quotes to break the SQL
Thanks Isaac!
-----Original Message-----
From: s. isaac dealey [mailto:[EMAIL PROTECTED]
Sent: Friday, February 01, 2008 2:56 PM
To: CF-Talk
Subject: Re: cf5 and single quote
> SQL = "INSERT INTO InventoryData (SellerID, Crate, Weight, Size,
> Content) VALUES (111, '2008', '516','53x32x59','flat panels #15-28.
> curvedpanels #13,20,6,27, light boxflexible rear panels, bridge
> diffi'lser')"
Ayup... Andy Matthews mentioned the PreserveSingleQuotes() function
(which was available in CF5 and iirc even before - not certain but I
think it goes back to the beginning) -- this particular error *looks*
like an improper use of that function. I've seen before where someone
used preserveSingleQuotes() while creating a string to then inject into
the cfquery tags and ended up with this error because their use of
PreserveSingleQuotes() just flattened out the sql so that cfquery can't
automatically escape them anymore like it usually does. If you can post
the code of the cfquery that might be more helfpul. :)
hth,
ike
--
s. isaac dealey ^ new epoch
isn't it time for a change?
ph: 503.236.3691
http://onTap.riaforge.org/blog
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to
date
Get the Free Trial
http://ad.doubleclick.net/clk;160198600;22374440;w
Archive:
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:297955
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe:
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
