> EXEC(@sql)
Yes, unfortunately the options for dynamic IN clauses are limited, afaik.
Another option is to create a udf that converts your csv list to a table
variable. Then use it in your query. It is not as simple, but should avoid the
sql injection risk of EXEC.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Want to reach the ColdFusion community with something they want? Let them know
on the House of Fusion mailing lists
Archive:
http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:333045
Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
