[thelist] CF Radio Buttons Tip

Raymond Camden rcamden at allaire.com
Thu Mar 22 12:47:53 CST 2001

A little warning. As you know, CF will automatically escape single quotes
when passing values via SQL. So, this is safe:

<CFSET X = "Ray's world.">

	insert ...

However, if you pass in the value as a structure, Form["somename"], the
single quote will not be escaped. This bit me on the rear a few weeks ago.
Of course, the easy way out is to just set a temp variable. I belive
Form.Foo is safe, but you can only use that format when you know the name of
the form value at runtime.

Raymond Camden, Principal Spectra Compliance Engineer for Macromedia

Email   : jedimaster at allaire.com
ICQ UIN : 3679482

"My ally is the Force, and a powerful ally it is." - Yoda

> You may also notice that I am using the alternate for of
> Structure indexing
> when I call form["name"].  You may find that using this format
> may simplify
> code.  But note, this method of accessing a structure as if it
> was an array
> was introduced in a newer version of CF (4.5?)
> Good luck,
> -joshua

More information about the thelist mailing list