In addition to what Adam said, you have a bunch of other issues in your code.
First, is the code snippet from one file, or multiple files? I'm assuming it's just one file - if not, some of my comments may not apply.
Second, the CFAPPLICATION tag typically isn't used anywhere but Application.cfm. If this file is in fact Application.cfm, you wouldn't want to have a lot of that other code in the file.
Third, it doesn't appear that you need the SELECT query at all. You're selecting the value you just inserted, so you already know the value. You should avoid unnecessary queries, as database interaction is relatively expensive.
Fourth, if NID comes from a browser (form submission, URL parameter, etc), you'd want to ensure that, in any query that uses the value, you use CFQUERYPARAM to avoid SQL injection vulnerabilities.
Fifth, I don't think the DESTINATION attribute of CFFILE lets you specify an actual file. Instead, you specify a directory, and CFFILE either uses the original file name or a unique, randomly generated name, depending on what you set the NAMECONFLICT attribute to. Since you set it to "overwrite", it should use the original file name.
Sixth, you can't use CFLOCATION in a page if you want the user to see or interact with that page. CFLOCATION sends a 300-series redirect HTTP response to the browser (usually a temporary redirect - 302). The browser won't display the page, but will instead request the target of the redirect.
Finally, congratulations on writing CF at 16! I wish I'd been that savvy when I was your age. All of the listed problems are easily fixable, so don't worry too much about them.
Dave Watts, CTO, Fig Leaf Software
Dave Watts, Eidolon LLC
2
Replies
AdChoices