Skip to main content
B
bharathi_reddy
Participant
February 6, 2015
Question

How to use cfqueryparam tag to insert records in to table?

  • February 6, 2015
  • 2 replies
  • 715 views

Hi Team ,

I am trying to insert 6 records dynamically from form to db( oracle 11g) at the end of business process workflow. my form is getting stalled if user enters special character in the fields. I have seen in one of the forum if we use  "cfqueryparam " tag to automatically escape all the special characters . But i didn't get how to use this tag.

I am using Execute SQL Statement activity in the subprocess and i have written a simple query as shown below.

INSERT IN TO TABLENAME VALUES ("/process_data/@field1","/process_data/@field2","/process_data/@field3","/process_data/@field4","/process_data/@field5","/process_data/@field6") ;

Please let me know how i can use the tag to escape all special characters .

Thanks in Advance,

Bharathi.

This topic has been closed for replies.

2 replies

BKBK
Community Expert
BKBKCommunity Expert
Community Expert
February 7, 2015

Did you atttempt something like this:

INSERT INTO TABLENAME VALUES (<cfqueryparam cfsqltype="cf_sql_varchar" value="value1">, <cfqueryparam cfsqltype="cf_sql_varchar" value="value2">, etc.)

Carl Von Stetten
Carl Von Stetten
Legend
February 6, 2015

How are you "using Execute SQL Statement"?  In a <cfquery> tag, a <cfstoredproc> tag, or in script via query.cfc or queryExecute() or such?

-Carl V.

Terms & ConditionsAccessibility statement
Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices