That would fail. PreserveSingleQuotes would cause the single to NOT be
escaped. It sounds like he wants it escaped (since it's part of the name).
This may take a little examination on your part, Kevin. Single quotes
should be escaped automatically. Chances are you have a
PreserveSingleQuotes() function that needs to be removed.
Bryan Love Macromedia Certified Professional
Internet Application Developer / Database Analyst
Telecommunication Systems Inc.
[EMAIL PROTECTED]
"What father would hesitate to say 'if there must be trouble let it be in my
day, that my child may have peace'?"
- Thomas Paine, An American Crisis
-----Original Message-----
From: Howie Hamlin [mailto:[EMAIL PROTECTED]]
Sent: Monday, November 12, 2001 1:56 PM
To: CF-Talk
Subject: Re: Inserting single quotes into SQL Server...
Use the PreserveSingleQuotes function.
HTH,
--
Howie Hamlin - inFusion Project Manager
On-Line Data Solutions, Inc. - www.CoolFusion.com - 631-737-4668 x101
inFusion Mail Server (iMS) - The Intelligent Mail Server
<<< Vote for iMS as the CFDJ Reader's Choice Awards Most Innovative Product
>>>
http://www.sys-con.com/coldfusion/readerschoice2001/nominationformbpa.cfm
>>> Find out how iMS Stacks up to the competition:
http://www.coolfusion.com/imssecomparison.cfm
----- Original Message -----
From: "Kevin Langevin" <[EMAIL PROTECTED]>
To: "CF-Talk" <[EMAIL PROTECTED]>
Sent: Monday, November 12, 2001 4:33 PM
Subject: Inserting single quotes into SQL Server...
> Hi all-
>
> I've beaten this problem before, but even looking at code that seems to
work
> fine from previous projects, I can't see what I'm doing wrong.
>
> I want to insert a string into a record in a SQL Server 2000 DB. The
string
> contains a customer's name. If the customer's name contains an
apostrophe,
> the insert dies. It works fine in another app, but I can't see what I'm
> doing differently. I'm not escaping anything or doing anything special,
> from what I can see.
>
> Anyone have any standard ways of inserting strings into SQL which may or
may
> not contain single quotes?
>
>
> Kevin Langevin
> Web Guy In Charge
> UsWebGuys
> 954-327-5780
>
>
> -----Original Message-----
> From: Langford, Bryan [mailto:[EMAIL PROTECTED]]
> Sent: Monday, November 12, 2001 4:29 PM
> To: CF-Talk
> Subject: CFCookie and the old switcharoo - help!
>
>
> Hey everyone,
> Anyone that read my recent posts "CFCOOKIE and the old switcheroo".
> I am still looking for any other suggestion before I revert to using
> sessions instead of cookies. The basic problem is that I have a multiple
> user environment, a class room of students, each log in to take the test:
> Page1:
> <cfform action="repreverification.cfm" method=post>
> <cfoutput>
> <p> <br>
>
> <table width="75%" border="0">
> <tr>
> <td width="50%">Welcome Back #cookie.repname#:</td>
> <td width="50%">
> <input type="hidden" name="RepName" value='#cookie.repname#'>
> </td>
> </tr>
> <tr>
> <td width="50%" align="right">ID:</td>
> <td width="50%">
> <CFinput type=text name="RepID" maxlength="5" message="Your ID
must
> be 5 digits in length" size=20 required="Yes"> <b>(First 5 digits of
> SSN.)</b>
> </td>
> </tr>
> </table>
> If you are not #cookie.repname# <a href="./logon.cfm?track=yes">Click
> here</a>
> <p><br>
> <input type="submit" name="Submit" value="Submit">
> </cfoutput>
> </cfform>
>
> That is submitted through the form action to repverification which builds
> the cookies.
> <cfoutput>
> <cfparam name="value1" default="">
> <cfparam name="counter" default="">
> <cfparam name="increment" default="0">
> <cfparam name="cookvalue" default="">
> <cfset counter = '1'>
> <cfset cookvalue = '#form.repname#'>
> </cfoutput>
>
> <!--- removes single and double quotes from entry --->
> <cfloop condition="counter lt len(FORM.repname)+1">
> <CFOUTPUT>
> <cfset value1='#counter#'>
> <cfif '#mid(form.repname,value1,1)#' EQ CHR(34) OR
> '#mid(form.repname,value1,1)#' EQ CHR(39)>
> <cfset cookvalue='#removechars(cookvalue,value1-increment,1)#'>
> <cfset increment = '#increment#' + 1>
> </cfif>
> </CFOUTPUT>
> <Cfset Counter = counter + 1>
> </cfloop>
>
> <!--- cookies --->
> <cfif isnumeric(form.repid) is 'yes' and len(form.repid) EQ 5>
> <cfapplication name="PerfTrack"sessionmanagement="Yes">
> <cfcookie name="repname" expires="NOW">
> <cfcookie name="cfid" expires="NOW">
> <cfcookie name="cftoken" expires="NOW">
> <cfcookie name="repid" expires="NOW">
> <cflock name="repvars"
> timeout="60"
> throwontimeout="Yes"
> type="EXCLUSIVE">
> <CFCOOKIE NAME="CFID" VALUE="#SESSION.CFID#">
> <CFCOOKIE NAME="CFTOKEN" VALUE="#SESSION.CFTOKEN#">
> <CFcookie NAME="repname"
> VALUE="#cookvalue#"
> EXPIRES="2" >
> <CFcookie NAME="repid"
> VALUE="#form.repid#"
> EXPIRES="2" >
> </cflock>
> <meta http-equiv="refresh" content=".1; URL=nhrepmenu.cfm">
> <cfabort>
> <cfelse>
> The information you have provided as your ID is not numeric or does not
> contain 5 digits, please click back and enter the first 5 digits of your
> social security number.
> </cfif>
>
> Lastly the repmenu is pulled up.
> <cfquery name="blah" datasource="ncc" blockfactor="50">
> select #variables.mastertableansw#.fldname,
> #variables.mastertableansw#.fldid, #variables.mastertableansw#.testnumber,
> max(#variables.mastertableansw#.questionnumber) as maxquest,
> max(#variables.mastertable#.questnum) as maxq
> from #variables.mastertableansw#, #variables.mastertable#
> where fldname = '#cookie.repname#'
> and fldid = '#cookie.repid#'
> and #variables.mastertableansw#.testnumber =
> #variables.mastertable#.testnumber
> group by #variables.mastertableansw#.fldname,
> #variables.mastertableansw#.fldid, #variables.mastertableansw#.testnumber
> </cfquery>
> <cfoutput>
> <cfif #blah.fldname# is ''>
> <cfparam name="newmark" default="">
> <cfset newmark = 'x'>
> <div align="center"><b>Our records indicate that you are a first time
user.
> Please select from the following tests.</b></div>
> <cfelse><!-- this is the if that carries question and test number -->
> <b>Welcome Back #cookie.repname# your ID is #cookie.repid#
> #cookie.cftoken#</b>
> </cfif>
> </cfoutput>
>
> The problem is that reps 1 - 20 all log in. Some reps get to the menu
page
> and get they're own information display...I.E. Rep 5 logs in and gets:
> "Welcome back rep5,"
> But many of the reps get someone elses info
> Rep 2 logs in and gets: "Welcome back rep 3"
> Rep 1 gets rep5
> rep 7 gets rep 3 as well. etc.
> If anyone has ANY suggestions I would certianly appreciate it. I have 12
> call centers full of trainees all waiting to take their tests. I'm
starting
> to feel sorry that I ever switched to cookies from session vars.
> Bryan Langford
>
>
> Analyst
> National Customer Operations
> Enterprise Services & Strategic Planning
> Training Development and Design Team.
>
> Bryan Langford
>
>
> Analyst
> National Customer Operations
> Enterprise Services & Strategic Planning
> Training Development and Design Team.
> >
> >
> >
>
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Get the mailserver that powers this list at http://www.coolfusion.com
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
