cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Exit
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
  • 한국 커뮤니티
0
Upvote

Help with single quote please!

mega_L
Participant ,
Jan 22, 2010 Jan 22, 2010

I'm doing a simple varchar insert :

Insert into tablename (column1, column2, etc) Values (' #value1# ', ' #value2# ', etc)

How to avoid value with single quote such as: ' L'Enfant Plaza '

TOPICS
Getting started
1.6K
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
replies 5 Replies 5
latest latest Jump to latest reply
Joshua_Cyr
Engaged ,
Jan 22, 2010 Jan 22, 2010

Use CFQueryparam.  Always use cfquerypram in your queries.

<cfqueryparam value="#value1#" cfsqltype="CF_SQL_VARCHAR" />

http://livedocs.adobe.com/coldfusion/8/htmldocs/help.html?content=Tags_p-q_18.html

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
BKBK Community Expert
Community Expert ,
Jan 23, 2010 Jan 23, 2010

Cfqueryparam is preferable. However, an alternative way to preserve single quiotes is:

Insert into tablename (column1, column2, etc) Values (' #preserveSingleQuotes(value1)# ', ' #preserveSingleQuotes(value2)# ', etc)

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Dan_Bracuk
LEGEND ,
Jan 23, 2010 Jan 23, 2010
In Response To BKBK

PreserveSingleQuotes didn't work when I tried it.

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
BKBK Community Expert
Community Expert ,
Jan 23, 2010 Jan 23, 2010
In Response To Dan_Bracuk

Sorry about that, Dan. I overlooked a step, the escaping.

<!-- escape single quote character, for example, by replacing it with 2 single quotes --->

<cfset value1= replace(value1,"'","''","all")>

<cfset value2= replace(value2,"'","''","all")>

Insert into tablename (column1, column2, etc) Values (' #preserveSingleQuotes(value1)# ', ' #preserveSingleQuotes(value2)# ', etc)

In any case, I am surprised Mega L. got that problem. I expected Coldfusion to automatically escape the single quotes within cfquery.

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
TLC-IT
Engaged ,
Jan 25, 2010 Jan 25, 2010
LATEST

The dual advantage of <cfqueryparam> is that:  (1) any text can be inserted, and (2) the text will never be misunderstood as "part of the SQL" no matter what it contains.

The database engine will receive an SQL string with parameter-placeholders in it, which it will parse.  Then, separately, it is given a list of the values to be substituted for each of those parameters, which it will do.

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
Documentation
ColdFusion User Guide
Open in a new window
Copyright © 2025 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices