Name

CFQUERYPARAM — New as of ColdFusion 4.5

Synopsis

<CFQUERY>
SQL statements
  [<CFQUERYPARAM>]
</CFQUERY>

Checks the datatype and optionally validates a query parameter within the SQL statement of a CFQUERY tag. Multiple CFQUERYPARAM tags may be used with a single CFQUERY tag.

The SQL that is generated by the CFQUERYPARAM tag is dependent on the database used. If the database being used doesn’t support bind parameters, validation is still performed with the validated parameter being written back to the string. If for any reason validation fails, ColdFusion throws an exception. The following rules determine the validation performed:

  • CF_SQL_SMALLINT, CF_SQL_INTEGER, CF_SQL_REAL, CF_SQL_FLOAT, CF_SQL_DOUBLE, CF_SQL_TINYINT, CF_SQL_MONEY, CF_SQL_MONEY4, CF_SQL_DECIMAL, CF_SQL_NUMERIC, and CF_SQL_BIGINT can be converted to numbers.

  • CF_SQL_DATE, CF_SQL_TIME and CF_SQL_TIMESTAMP can be converted to a valid date format.

The ColdFusion Sybase 11 native driver doesn’t currently support the binding of SQL parameters. If the MAXLENGTH attribute is used, the length of the value for the specified parameter can’t exceed the specified length.

Attributes

VALUE=" parameter_value "

The value that ColdFusion should pass to the right of the comparison operator in the WHERE clause. Required.

CFSQLTYPE=" parameter_data_type "

The SQL type that the parameter is bound to. Required. The default is CF_SQL_CHAR. Possible values are: CF_SQL_BIGINT, CF_SQL_BIT, CF_SQL_CHAR, CF_SQL_DATE, CF_SQL_DECIMAL

Get Programming ColdFusion now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial