list

Explorer ,
Sep 12, 2018 Sep 12, 2018

Copy link to clipboard

Copied

Hi I have the variables set

<cfif orderID = 5>

      <cfset stype = "'ABC124','DEF567'">

<cfese>

<cfset stype = "'VACD123','KHOL567'">

</cfif>

<cfquery name="qQuery" datasource="#ds#">

select .....

from......

......

where ......

and serie in in ('#stype#')

</cfquery>

when out put the query, I got below (1) which is not right because nothing returned.  When i run the query and hard code like 2 I got records.  What did I have wrong here? Thanks

1) serie in ('''ABC124'',''DEF567''')

2) serie in ('ABC124','DEF567')

TOPICS
Getting started

Views

410

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Advocate ,
Sep 20, 2018 Sep 20, 2018

Copy link to clipboard

Copied

LATEST

ColdFusion is automatically converting all single quotes in stype to double quotes. To prevent it, do this:

and serie in (#preserveSingleQuotes(stype)#)

Note that this is only safe if you are hard-coding values for stype. If stype ever gets values from the user then it is more secure to use cfQueryParam.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines