
CFQUERY Datatypes and Quotes

New Here, Aug 14, 2011

Hello,

In CFQUERY operations, can someone advise as to the following:

1. What data types REQUIRE single quotes for UPDATE and INSERT statements?

  * We are using MS SQL 2008 R2 with CF9

2. Is it best practice to use CFQUERYPARAM for EVERY statement nowadays?

I searched everywhere but can't seem to find any type of reference sheet anywhere that I can use when building my statements.

Thanks in advance.

G.

Contributor, Aug 14, 2011

Use CFQUERYPARAM and you don't have to worry about it ...

Basically, only numbers don't use the string delimiter. Date/times depend on how you want to format them ... again, use CFQUERYPARAM and never worry about it again.

Valorous Hero, Aug 14, 2011

> We are using MS SQL 2008 R2 with CF9

>> Use CFQUERYPARAM and you don't have to worry about it ...

More importantly, you should be using cfqueryparam anyway to protect your queries against SQL injection.

http://www.petefreitag.com/item/677.cfm

http://www.coldfusionmuse.com/index.cfm/2008/2/22/sql-injection-on-a-character-field

http://www.12robots.com/index.cfm/2008/7/30/SQL-Injection-is-only-the-beginning-ltcfqueryparamgt-is-the-easy-part

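An added illustration of the two answers above (not code posted by anyone in this thread): the same UPDATE written first with hand-placed quotes and then with cfqueryparam, one bind per MS SQL column type, plus an IN list. The datasource `request.dsn`, the `Customers` table, its columns and the `form`/`url` field names are assumptions made for the example.

```cfml
<!--- BEFORE: values are pasted into the SQL text, so quoting is done by hand.
      Strings and dates need the single quotes; numbers do not, which is why
      the unquoted url.id becomes part of the statement exactly as submitted. --->
<cfquery name="qUpdateUnsafe" datasource="#request.dsn#">
    UPDATE Customers
    SET    LastName    = '#form.lastName#',
           CreditLimit = #form.creditLimit#,
           SignupDate  = '#form.signupDate#'
    WHERE  CustomerID  = #url.id#
</cfquery>

<!--- AFTER: every value is a bind parameter. No quotes are written for any
      type; cfsqltype tells the driver how to send the value, and a value that
      does not fit the declared type raises an error before the query runs. --->
<cfquery name="qUpdate" datasource="#request.dsn#">
    UPDATE Customers
    SET    <!--- varchar(50): maxlength rejects oversized input --->
           LastName    = <cfqueryparam value="#form.lastName#"
                                       cfsqltype="cf_sql_varchar" maxlength="50">,
           <!--- decimal(10,2): scale keeps the two decimal places --->
           CreditLimit = <cfqueryparam value="#form.creditLimit#"
                                       cfsqltype="cf_sql_decimal" scale="2">,
           <!--- datetime: no date string formatting; send NULL when the field is not a date --->
           SignupDate  = <cfqueryparam value="#form.signupDate#"
                                       cfsqltype="cf_sql_timestamp"
                                       null="#NOT isDate(form.signupDate)#">,
           <!--- bit --->
           IsActive    = <cfqueryparam value="#form.isActive#" cfsqltype="cf_sql_bit">
    WHERE  <!--- int: anything other than an integer is rejected --->
           CustomerID  = <cfqueryparam value="#url.id#" cfsqltype="cf_sql_integer">
</cfquery>

<!--- IN (...) with a comma-separated form value: list="true" binds each item separately --->
<cfquery name="qByRegion" datasource="#request.dsn#">
    SELECT CustomerID, LastName
    FROM   Customers
    WHERE  Region IN (<cfqueryparam value="#form.regions#"
                                    cfsqltype="cf_sql_varchar" list="true">)
</cfquery>
```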
New Here, Aug 14, 2011

... thanks cfSarching.

New Here, Aug 14, 2011

... thanks JMF.

LEGEND, Aug 14, 2011

Using cfqueryparam is a good idea unless there is a reason not to.  With CF9/MS SQL those reasons will be few and far between.

New Here, Aug 14, 2011

... thanks Dan.
