How can CFQUERYPARAM be applied to a boolean (Yes/No) field ? I cannot find it in the CDSQLTYPE list
----- Original Message ----- From: "Al Musella, DPM" <[email protected]> To: "cf-talk" <[email protected]> Sent: Monday, December 29, 2008 5:40 PM Subject: Re: CF Express ... Syntax error - CFQUERY -> UPDATE Options >I just want to point out that you should be using cfqueryparam around > all of those form elements. The way you have it will last about 2 > hours before someone hacks into your database. > see: > <http://www.forta.com/blog/index.cfm/2005/12/21/SQL-Injection-Attacks-Easy-To-Prevent-But-Apparently-Still-Ignored>http://www.forta.com/blog/index.cfm/2005/12/21/SQL-Injection-Attacks-Easy-To-Prevent-But-Apparently-Still-Ignored > for details > > > > At 11:45 AM 12/28/2008, you wrote: >> >Thanks, but that is supposed to be the right bracket of the SET >> > >> > >> >> >Comments = '#trim(Form.Comments)#') >> >> >> >> Should be Comments = Comments = '#trim(Form.Comments)#' >> >> >>Yep, but syntactically (sqlwise) you can't have the construct >>(opening and closing bracket) the way it's laid out unlike your >>INSERT statements. > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;207172674;29440083;f Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:317225 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
