Name
CFQUERYPARAM — New as of ColdFusion 4.5
Synopsis
<CFQUERY>
SQL statements
[<CFQUERYPARAM>]
</CFQUERY>
Checks the datatype and optionally validates a query parameter within
the SQL statement of a CFQUERY
tag. Multiple
CFQUERYPARAM
tags may be used with a single
CFQUERY
tag.
The SQL that is generated by the CFQUERYPARAM
tag
is dependent on the database used. If the database being used
doesn’t support bind parameters, validation is still performed
with the validated parameter being written back to the string. If for
any reason validation fails, ColdFusion throws an exception. The
following rules determine the validation performed:
CF_SQL_SMALLINT
,CF_SQL_INTEGER
,CF_SQL_REAL
,CF_SQL_FLOAT
,CF_SQL_DOUBLE
,CF_SQL_TINYINT
,CF_SQL_MONEY
,CF_SQL_MONEY4
,CF_SQL_DECIMAL
,CF_SQL_NUMERIC
, andCF_SQL_BIGINT
can be converted to numbers.
CF_SQL_DATE
,CF_SQL_TIME
andCF_SQL_TIMESTAMP
can be converted to a valid date format.
The ColdFusion Sybase 11 native driver doesn’t currently
support the binding of SQL parameters. If the
MAXLENGTH
attribute is used, the length of the
value for the specified parameter can’t exceed the specified
length.
Attributes
-
VALUE="
parameter_value
"
The value that ColdFusion should pass to the right of the comparison operator in the
WHERE
clause. Required.-
CFSQLTYPE="
parameter_data_type
"
The SQL type that the parameter is bound to. Required. The default is
CF_SQL_CHAR
. Possible values are:CF_SQL_BIGINT
,CF_SQL_BIT
,CF_SQL_CHAR
,CF_SQL_DATE
,CF_SQL_DECIMAL
Get Programming ColdFusion now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.