User Guide
100 Chapter 6 Making Variables Dynamic
<cfif isDefined("Form.Contract")>
Employee.Contract = ‘Yes' AND
<cfelse>
Employee.Contract = 'No' AND
</cfif>
If the user selected the Contractor check
box, get data for the employees who are
contractors; otherwise, get data for
employees who are not contractors. The
isdefined function test for the existence of
the Form.Contract variable is needed
because the variable only exists if they
select the Contractor box.
0=0
If none of the conditions are true, the 0=0
statement ensures that the WHERE clause
does not result in a SQL syntax error.
Instead, the SELECT statement returns the
entire table. Putting this statement at the
end of the WHERE clause improves
security by making it harder to attach extra
SQL statements in a dynamic variable, and
may affect the database’s optimization of
the SQL statement.
CFML Code Description