I think it's a matter of order of execution in your where clause. I believe it is being interpreted as:
WHERE (Name = '#Form.SHIPTONAME#' AND Birthdate = '#Birthdate#') OR Email = '#Form.Email#' and you are expecting: WHERE Name = '#Form.SHIPTONAME#' AND (Birthdate = '#Birthdate#' OR Email = '#Form.Email#') Hope this helps On Wed, Apr 10, 2013 at 2:49 PM, Bruce Sorge <[email protected]> wrote: > > I have a site where a user is only supposed to register for one deal. I > have this query: > > <cfquery datasource="#Request.LiveDSN#" name="qCheckUserTable"> > SELECT Name, Birthdate, Email > FROM Users > WHERE Name = <cfqueryparam cfsqltype="cf_sql_varchar" > value="#Form.SHIPTONAME#" /> > AND Birthdate = <cfqueryparam cfsqltype="cf_sql_varchar" > value="#Birthdate#" /> > OR Email = <cfqueryparam cfsqltype="cf_sql_varchar" > value="#Form.Email#" /> > </cfquery> > > I then do this: > > <cfif qCheckUserTable.RecordCount GT 0> > > <cfinclude template="header.cfm"> > <BR><BR><BR> > <cfoutput>#Form.SHIPTONAME#</cfoutput>, > It appears that you have already registered for this deal. You can > click the back button and enter another's information or quit the > application. You can only register an individual for one deal only. > <cfinclude template="footer.cfm"> > <cfabort> > <cfelse> > > blah blah blah > > Well today someone managed to register more than once. In the db, the only > difference is the birthdate, which should not matter since I am checking > for their name, birthdate or email. The name and email in both records are > identical. I ran this query against the db several times using different > birth-dates and every time I get the records, which means the name/email > search is working. I suspect that this person tried for a while to get > around this since her registrations were about an hour apart. Is there > something that I am overlooking in the query? How would she have gotten by > this? I am guessing I missed something very simple. > > Thanks, > > Bruce > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:355345 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
