pssst ... remember to <cfqueryparam value="#form.fullname#"> all your
queries ... its good practice to do this all the time, and you can
forget about escaping, cross-scripting, and all the other nasties that
can come from it.
Jason Allen wrote:
> Hi Guys,
>
> <CFQUERY NAME="create_address" DATASOURCE="members">
>
> INSERT INTO tbl_member_contacts
>
> (member_id,
> full_name,
> address_a,
> address_b,
> city,
> state,
> country,
> postal,
> phone_number,
> phone_number_type,
> show_phone_number,
> call_time
> )
>
> VALUES
> ('#myid#',
> '#FORM.fullname#',
> '#FORM.address_a#',
> '#FORM.address_b#',
> '#FORM.city#',
> '#FORM.state#',
> '#FORM.country#',
> '#FORM.postal#',
> '#FORM.phone_number#',
> '#FORM.phone_number_type#',
> '#FORM.show_phone_number#',
> '#FORM.call_time#'
> )
>
> ;
>
> </CFQUERY>
--~--~---------~--~----~------------~-------~--~----~
Open BlueDragon Public Mailing List
http://groups.google.com/group/openbd?hl=en
official site @ http://www.openbluedragon.org/
!! save a network - trim replies before posting !!
-~----------~----~----~----~------~----~------~--~---
