User Guide

cfqueryparam 355
Example
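<!---
  cfqueryparam example 1: VALID integer input in Course_ID.
  The value reaches the database through cfqueryparam instead of being
  written into the SQL text, and it is checked against CFSQLType
  (CF_SQL_INTEGER) first, so it is handled as data, not as SQL.
--->
<h3>cfqueryparam Example</h3>
<cfset Course_ID = 12>
<!--- Select only the columns the page displays rather than SELECT *. --->
<cfquery name = "getFirst" dataSource = "cfdocexamples">
SELECT Course_ID, descript
FROM courses
WHERE Course_ID = <cfqueryPARAM value = "#Course_ID#"
CFSQLType = "CF_SQL_INTEGER">
</cfquery>
<!---
  Values read back from the database are untrusted in an HTML context, so they
  are encoded on output. HTMLEditFormat() is used for compatibility with older
  servers; on ColdFusion 10 and later encodeForHTML() is the preferred call.
--->
<cfoutput query = "getFirst">
<p>Course Number: #HTMLEditFormat(Course_ID)#<br> Description: #HTMLEditFormat(descript)#</p>
</cfoutput>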
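<!---
  cfqueryparam example 2: INVALID string data in LastName.
  The value set below has a second SQL statement appended to a surname. It is
  passed through cfqueryparam, so it is never concatenated into the SQL text,
  and it is longer than maxlength, so ColdFusion raises an error.
--->
<p>This example throws an error because the value passed in the CFQUERYPARAM
tag exceeds the MAXLENGTH attribute</p>
<cfset LastName="Peterson; DELETE employees WHERE LastName='Peterson'">
<!---
  Note that for string input you must specify the MAXLENGTH attribute for
  validation: CF_SQL_VARCHAR accepts any string, so length is the only check
  cfqueryparam can apply to it. Pick the limit from the column definition.
  maxlength is an input-validation layer on top of the parameter binding, not
  a replacement for it.
--->
<cfquery name="getFirst" datasource="cfdocexamples">
SELECT FirstName, LastName, Department
FROM employees
WHERE LastName=<cfqueryparam
value="#LastName#"
cfsqltype="CF_SQL_VARCHAR"
maxlength="17">
</cfquery>
<!---
  Not reached with the value above, because the query errors first. With a
  valid LastName this prints the matching employees; the values are encoded
  because database content is untrusted in an HTML context (encodeForHTML()
  is the preferred call on ColdFusion 10 and later).
--->
<cfoutput query="getFirst">
<p>
Name: #HTMLEditFormat(FirstName)# #HTMLEditFormat(LastName)#
Department: #HTMLEditFormat(Department)# </p>
</cfoutput>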
| ColdFusion | JDBC | DB2 | Informix | Oracle | MSSQL |
|---|---|---|---|---|---|
| CF_SQL_TIMESTAMP | TIMESTAMP | Timestamp | datetime year to fraction(5), datetime year to second | date | datetime, smalldatetime |
| CF_SQL_TINYINT | TINYINT | | | | tinyint |
| CF_SQL_VARBINARY | VARBINARY | Rowid | | raw | varbinary |
| CF_SQL_VARCHAR | VARCHAR | Varchar | varchar, nvarchar, lvarchar | varchar2, nvarchar2 | varchar, nvarchar, sysname |