[thelist] Double and Single Quotes are ruining my life....
Steven Wood
steve.wood at serviceengine.com
Thu Oct 26 16:24:46 CDT 2000
> When a user enters data that contains double quotes (example: I "sort of"
> hate double quotes) the data inserts into the SQL table just fine.
>
> However, when it comes time to display that data - the browser get's
> confused from the second double quote on...
Using CFQUERYPARAM has made things a lot easier for us in this regard.
If you're entering data from a textarea into a database, try binding the
variable using CFQUERYPARAM... as in the following:
<cfquery name="InsertReport" datasource="mysource">
INSERT INTO
my.reportstable (
Subject,
Content)
VALUES (
#Subject#,
<cfqueryparam value='#Content#' CFSQLTYPE=CF_SQL_LONGVARCHAR>)
</cfquery>
This has solved a lot of various quoting problems when inserting large
blocks of text that may or may not contain quotes of different kinds. You
can enter text with all sorts of quotes into your database, and then read
and display that text with no extra validation work.
Steven Wood
Dynamic Application Specialist
ServiceEngine.com, Inc.
The Internet Utility for Customer Service
203.402.1151
203.925.8768 Fax
http://www.ServiceEngine.com
More information about the thelist
mailing list