Hi Ken,
As other people pointed out that Cf will escape the single quote in a
simple variable.
What I have had is when you use evaluate() function to evaluate a
variable which contains a singlequote then CF will fail to escape it. I
solved this problem by after the evaluation replacing the singlequote
with two siglequotes (not a double,that's what the SQL statement wants
to see). e.g.
'#replaceNoCase(trim(evaluate("attributes.#i#_#toWho#")),"'","''","ALL")
#'.
But the way you used to assign the result of the evaluation to a simple
variable will also work here.
Regards,
Sima
-----Original Message-----
From: Mookie Bear [mailto:[EMAIL PROTECTED]]
Sent: Monday, November 12, 2001 4:54 PM
To: CF-Talk
Subject: Re: Inserting single quotes into SQL Server... Rarrararrr!!!
For some reason this always works with me!! ok, i assume that
customer's
name is in form variable, so create a new variable and set it to that
form
variable, and use that new variable u created in the SQL code. this
works,
promise! if anyone knows why, i'd like to know!
hehehe Rarrararrr!!!
>From: "Kevin Langevin" <[EMAIL PROTECTED]>
>Reply-To: [EMAIL PROTECTED]
>To: CF-Talk <[EMAIL PROTECTED]>
>Subject: Inserting single quotes into SQL Server...
>Date: Mon, 12 Nov 2001 16:33:21 -0500
>
>Hi all-
>
>I've beaten this problem before, but even looking at code that seems to
>work
>fine from previous projects, I can't see what I'm doing wrong.
>
>I want to insert a string into a record in a SQL Server 2000 DB. The
string
>contains a customer's name. If the customer's name contains an
apostrophe,
>the insert dies. It works fine in another app, but I can't see what
I'm
>doing differently. I'm not escaping anything or doing anything
special,
>from what I can see.
>
>Anyone have any standard ways of inserting strings into SQL which may
or
>may
>not contain single quotes?
>
>
>Kevin Langevin
>Web Guy In Charge
>UsWebGuys
>954-327-5780
>
>
>-----Original Message-----
>From: Langford, Bryan [mailto:[EMAIL PROTECTED]]
>Sent: Monday, November 12, 2001 4:29 PM
>To: CF-Talk
>Subject: CFCookie and the old switcharoo - help!
>
>
>Hey everyone,
> Anyone that read my recent posts "CFCOOKIE and the old
switcheroo".
>I am still looking for any other suggestion before I revert to using
>sessions instead of cookies. The basic problem is that I have a
multiple
>user environment, a class room of students, each log in to take the
test:
>Page1:
><cfform action="repreverification.cfm" method=post>
><cfoutput>
> <p> <br>
>
> <table width="75%" border="0">
> <tr>
> <td width="50%">Welcome Back #cookie.repname#:</td>
> <td width="50%">
> <input type="hidden" name="RepName"
value='#cookie.repname#'>
> </td>
> </tr>
> <tr>
> <td width="50%" align="right">ID:</td>
> <td width="50%">
> <CFinput type=text name="RepID" maxlength="5"
message="Your ID
>must
>be 5 digits in length" size=20 required="Yes"> <b>(First 5 digits
of
>SSN.)</b>
> </td>
> </tr>
> </table>
> If you are not #cookie.repname# <a
href="./logon.cfm?track=yes">Click
>here</a>
> <p><br>
> <input type="submit" name="Submit" value="Submit">
></cfoutput>
></cfform>
>
>That is submitted through the form action to repverification which
builds
>the cookies.
><cfoutput>
><cfparam name="value1" default="">
><cfparam name="counter" default="">
><cfparam name="increment" default="0">
><cfparam name="cookvalue" default="">
><cfset counter = '1'>
><cfset cookvalue = '#form.repname#'>
></cfoutput>
>
><!--- removes single and double quotes from entry --->
><cfloop condition="counter lt len(FORM.repname)+1">
><CFOUTPUT>
><cfset value1='#counter#'>
><cfif '#mid(form.repname,value1,1)#' EQ CHR(34) OR
>'#mid(form.repname,value1,1)#' EQ CHR(39)>
><cfset cookvalue='#removechars(cookvalue,value1-increment,1)#'>
><cfset increment = '#increment#' + 1>
></cfif>
></CFOUTPUT>
><Cfset Counter = counter + 1>
></cfloop>
>
><!--- cookies --->
><cfif isnumeric(form.repid) is 'yes' and len(form.repid) EQ 5>
><cfapplication name="PerfTrack"sessionmanagement="Yes">
><cfcookie name="repname" expires="NOW">
><cfcookie name="cfid" expires="NOW">
><cfcookie name="cftoken" expires="NOW">
><cfcookie name="repid" expires="NOW">
><cflock name="repvars"
>timeout="60"
>throwontimeout="Yes"
>type="EXCLUSIVE">
><CFCOOKIE NAME="CFID" VALUE="#SESSION.CFID#">
> <CFCOOKIE NAME="CFTOKEN" VALUE="#SESSION.CFTOKEN#">
><CFcookie NAME="repname"
> VALUE="#cookvalue#"
> EXPIRES="2" >
><CFcookie NAME="repid"
> VALUE="#form.repid#"
> EXPIRES="2" >
> </cflock>
><meta http-equiv="refresh" content=".1; URL=nhrepmenu.cfm">
><cfabort>
><cfelse>
>The information you have provided as your ID is not numeric or does not
>contain 5 digits, please click back and enter the first 5 digits of
your
>social security number.
></cfif>
>
>Lastly the repmenu is pulled up.
><cfquery name="blah" datasource="ncc" blockfactor="50">
>select #variables.mastertableansw#.fldname,
>#variables.mastertableansw#.fldid,
#variables.mastertableansw#.testnumber,
>max(#variables.mastertableansw#.questionnumber) as maxquest,
>max(#variables.mastertable#.questnum) as maxq
>from #variables.mastertableansw#, #variables.mastertable#
>where fldname = '#cookie.repname#'
>and fldid = '#cookie.repid#'>and #variables.mastertableansw#.testnumber=
>#variables.mastertable#.testnumber
>group by #variables.mastertableansw#.fldname,
>#variables.mastertableansw#.fldid,
#variables.mastertableansw#.testnumber
></cfquery>
><cfoutput>
><cfif #blah.fldname# is ''>
><cfparam name="newmark" default="">
><cfset newmark = 'x'>
><div align="center"><b>Our records indicate that you are a first time
user.
>Please select from the following tests.</b></div>
><cfelse><!-- this is the if that carries question and test number -->
><b>Welcome Back #cookie.repname# your ID is #cookie.repid#
>#cookie.cftoken#</b>
></cfif>
></cfoutput>
>
>The problem is that reps 1 - 20 all log in. Some reps get to the menu
page
>and get they're own information display...I.E. Rep 5 logs in and gets:
>"Welcome back rep5,"
>But many of the reps get someone elses info
>Rep 2 logs in and gets: "Welcome back rep 3"
>Rep 1 gets rep5
>rep 7 gets rep 3 as well. etc.
>If anyone has ANY suggestions I would certianly appreciate it. I have
12
>call centers full of trainees all waiting to take their tests. I'm
>starting
>to feel sorry that I ever switched to cookies from session vars.
>Bryan Langford
>
>
>Analyst
>National Customer Operations
>Enterprise Services & Strategic Planning
>Training Development and Design Team.
>
>Bryan Langford
>
>
>Analyst
>National Customer Operations
>Enterprise Services & Strategic Planning
>Training Development and Design Team.
> >
> >
> >
>
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Your ad could be here. Monies from ads go to support these lists and provide more
resources for the community. http://www.fusionauthority.com/ads.cfm
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
