User Guide

Chapter 1: ColdFusion Tags 173
</CFOUTPUT>
</BODY>
</HTML>
The CFQUERYPARAM tag returns the following error message when this
example is executed.
VALUE
Invalid data '12; DELETE courses WHERE Course_ID=20' for
CFSQLTYPE 'CF_SQL_INTEGER'.
<!----------------------------------------------------------------------
This example shows the use of CFQUERYPARAM when invalid string data is in
Course_ID.
----------------------------------------------------------------------->
<HTML>
<HEAD>
<TITLE>CFQUERYPARAM Example</TITLE>
</HEAD>
<BODY>
<h3>CFQUERYPARAM Example with Bad String Input</h3>
<CFSET LastName="Peterson; DELETE employees WHERE LastName='Peterson'">
<!----------------------------------------------------------------------
Note that for string input you must specify the MAXLENGTH attribute for
validation.
----------------------------------------------------------------------->
<CFQUERY NAME="getFirst" DATASOURCE="cfsnippets">
SELECT *
FROM employees
WHERE LastName=<CFQUERYPARAM VALUE="#LastName#"
CFSQLType="CF_SQL_VARCHAR"
MAXLENGTH="17">
</CFQUERY>
<CFOUTPUT QUERY="getFirst">
<P>Name: #FirstName# #LastName#
Department: #Department#
</P>
</CFOUTPUT>
</BODY>
</HTML>
The CFQUERYPARAM tag returns the following error message when this
example is executed.
VALUE
Invalid data 'Peterson; DELETE employees WHERE
LastName='Peterson'' value exceeds MAXLENGTH setting '17'.
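The two validation failures shown above stop the page with an error. The following added example, which is not part of the ColdFusion documentation, combines the integer and string cases and catches the failure so that neither the submitted value nor the error text is returned to the browser. Form.Course_ID, Form.LastName and the InputOK flag are assumptions made for the example; the tables and datasource are the ones used above.

```cfml
<!--- Added example, not from the ColdFusion documentation.
      Form.Course_ID and Form.LastName are assumed form fields. --->
<CFPARAM NAME="Form.Course_ID" DEFAULT="">
<CFPARAM NAME="Form.LastName" DEFAULT="">

<!--- Weak form, for contrast only (left as a comment so it never runs).
      The raw value becomes part of the SQL text, so the input
      12; DELETE courses WHERE Course_ID=20 reaches the database as SQL:

      SELECT * FROM courses WHERE Course_ID=#Form.Course_ID#
--->

<CFSET InputOK = "Yes">
<CFTRY>
    <!--- Integer input: a value that is not valid for CF_SQL_INTEGER
          raises an error instead of reaching the database. --->
    <CFQUERY NAME="getCourse" DATASOURCE="cfsnippets">
        SELECT *
        FROM courses
        WHERE Course_ID=<CFQUERYPARAM VALUE="#Form.Course_ID#"
                                      CFSQLTYPE="CF_SQL_INTEGER">
    </CFQUERY>

    <!--- String input: a value longer than MAXLENGTH raises an error. --->
    <CFQUERY NAME="getFirst" DATASOURCE="cfsnippets">
        SELECT FirstName, LastName, Department
        FROM employees
        WHERE LastName=<CFQUERYPARAM VALUE="#Form.LastName#"
                                     CFSQLTYPE="CF_SQL_VARCHAR"
                                     MAXLENGTH="17">
    </CFQUERY>

    <CFCATCH TYPE="Any">
        <!--- Validation failed (or the query itself did): do not echo the
              submitted value or CFCATCH.Message back to the browser. --->
        <CFSET InputOK = "No">
    </CFCATCH>
</CFTRY>

<CFIF InputOK>
    <CFOUTPUT QUERY="getFirst">
        <P>#HTMLEditFormat(FirstName)# #HTMLEditFormat(LastName)#:
           #HTMLEditFormat(Department)#</P>
    </CFOUTPUT>
<CFELSE>
    <P>The request could not be processed. Check the values and try again.</P>
</CFIF>
```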