User Guide

ManualsBrandsMacromedia ManualsOtherCOLFUSION MX 7-CFML REFERENCE

346 Chapter 2: ColdFusion Tags

cfquery

Description

Passes queries or SQL statements to a data source.

Macromedia recommends that you use the

cfqueryparam tag within every cfquery tag, to help

secure your databases from unauthorized users. For more information, see Security Bulletin

ASB99-04, "Multiple SQL Statements in Dynamic Queries," in the Macromedia Security Zone,

www.macromedia.com/devnet/security/security_zone/asb99-04.html, and Chapter 20,

“Accessing and Retrieving Data” in ColdFusion MX Developer’s Guide.

Category

Database manipulation tags

Syntax

<cfquery

name = "query_name"

dataSource = "ds_name"

dbtype = "query"

username = "username"

password = "password"

maxRows = "number"

blockFactor = "blocksize"

timeout = "seconds"

cachedAfter = "date"

cachedWithin = "timespan"

Either of the following:

debug = "yes" or "no"

or:

debug

>

result = "result_name"

</cfquery>

See also

cfinsert

, cfprocparam, cfprocresult, cfqueryparam, cfstoredproc, cftransaction,

cfupdate; “Optimizing database use” in Chapter 13, “Designing and Optimizing a

ColdFusion Application,” and Chapters 19–22 in ColdFusion MX Developer’s Guide

History

ColdFusion MX 7:

• Added the result attribute for specifying an alternate name for the structure that holds the

result variables.

• Added result variables for the SQL statement executed (sql), the number of records returned

(

recordcount), whether the query was cached (cached), an array of cfqueryparam values

(

sqlparameters), and the list of columns in the returned query (columnlist).