Skip to main content
R
RichieWhite
Participating Frequently
August 3, 2009
Question

preservesinglequotes question

  • August 3, 2009
  • 1 reply
  • 579 views

I have the following dynamically created sql statement:

update [tblemployees] set [FirstName]='John', [LastName]='O'neil' where employeeID = 1

I've found that it will only work if I use the preservesinglequotes in following code:

     <cfquery>
   #PreserveSingleQuotes(str)#
      </cfquery>

The problem is that it blows up when I have a user-entered single quote such as in the O'neil last name.

Does anyone have a solution for this?

    This topic has been closed for replies.

    1 reply

    Dileep_NR
    Dileep_NR
    Inspiring
    August 3, 2009

    Hi,

    use cfqueryparam

    refer - http://livedocs.adobe.com/coldfusion/6.1/htmldocs/tags-b20.htm    

    D
    Dan_Bracuk
    Inspiring
    August 3, 2009

    Attempting to use cfqueryparam with dynamcically created sql variables can result in excessive compication.  Another approach is to use the replace function on all your user provided text values and double up all your single quotes.

    Terms & ConditionsAccessibility statement
    Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices