[thelist] ColdFusion -- Now 2 much escape!

Rory.Plaire at wahchang.com Rory.Plaire at wahchang.com
Tue Aug 28 14:13:02 CDT 2001 

Now for the real fun!

So, here I am, illumined to the Way of Escape for lowly parameters being
ruthlessly marshaled under the exhausting heat of deadlines and blinding
light of my desk's florescent canopy... the waves of light bend and refract
off the intensity of my monitor's radiation in patterns of tribulation
making the solutions appear close... enough... to... reach... but then
vanish. Move over, Cool Hand, you never dealt with the cards that ColdFusion
plays.

So, back in the pit, digging away. It seems as if the excellently
articulated and cunningly crafted solution, forged in the arcing power of a
collaborative exchange yesterday proved to be short of the eccentricity
factor needed to work rationally with ColdFusion. Here's what the heck I'm
talking about--

<cfscript>
	function SQLEsc(SQLVar) //ha! you should have seen the other name!
	{	return(Replace(SQLVar, "'", "''", "ALL");
	}
</cfscript>

Basically, a C+P of what .jeff contributed.

When called -- @param = #SQLEsc(oStruct.Field)# -- the value is returned, as
expected, with the single quotes escaped by prefacing (or suffixing?) with
another single quote.

However, this is now a regular variable or something strikingly similar
enough to the ColdFusion Logic Machine whereby it treats it in the same way
-- yep, it automagically escapes the single quotes. After a while, my values
look like they've been targeted by a machine gun or something:
"17'''''''''''''''''''''' R/L."

"Hmmm," I thought. "Maybe if I just Trim() the string, the same thing will
happen, giving CF an excuse to escape the values automagically." Hope but
nope. 8)

So, for the most fun like this I've had in some time, my function now is
like this, and it works:

<cfscript>
	function SQLEsc(SQLVar) //ha! you should have seen the other name!
	{	return(SQLVar);
	}
</cfscript>

Am I ready to leave this somewhat albatross solution to do the thing I need?

Maybe I could get some help on this question?

<rory disposition="sounds cynical, but I'm smiling" alt="8)"/>

More information about the thelist mailing list