I might be stating the obvious but have you placed that in a
<CFQUERYPARAM> tag? That 's what I have been using to make sure things
are escaped properly. For example:
...
content = <cfqueryparam cfsqltype="cf_sql_varchar"
value="#trim(arguments.content.getArticleContent())#" />
...
HTH
Greg
On 4/26/05, Cliff Meyers <[EMAIL PROTECTED]> wrote:
> I experienced some unexpected behavior today while I troubleshooting an
> error in one of my first Mach-II apps. I was using a "bean" CFC to store
> data from a form and then insert it into an Oracle database. Inside my
> CFQUERY block, I was using a method such as this...
>
> event.getArg("SurveyForm").getComment1()
>
> to insert text into the DB. I found out that when outputting the CFC
> inside CFQUERY (as shown above, wrapped in ## naturally) that the single
> quotes in the text to be inserted weren't being escaped... thus causing
> the Oracle DB syntax error.
>
> Has anyone else run into this, or have any ideas of what might be going
> wrong? In the future to be safe I suppose I might just dump all the
> arguments into a structure and then put those into the CFQUERY block, but
> I was a little surprised that this happened. Thanks!
>
> -Cliff
>
> ----------------------------------------------------------
> You are subscribed to cfcdev. To unsubscribe, send an email to
> [email protected] with the words 'unsubscribe cfcdev' as the subject of the
> email.
>
> CFCDev is run by CFCZone (www.cfczone.org) and supported by CFXHosting
> (www.cfxhosting.com).
>
> An archive of the CFCDev list is available at
> www.mail-archive.com/[email protected]
>
>
--
e: greg.stewart(a)gmail.com
w: http://gregs.tcias.co.uk/
----------------------------------------------------------
You are subscribed to cfcdev. To unsubscribe, send an email to
[email protected] with the words 'unsubscribe cfcdev' as the subject of the
email.
CFCDev is run by CFCZone (www.cfczone.org) and supported by CFXHosting
(www.cfxhosting.com).
An archive of the CFCDev list is available at
www.mail-archive.com/[email protected]
