g118481
asked on
How to add CFQUERYPARAM to these two simple queries?
Experts,
I am wanting to use the CFQUERYPARAM tag with the two queries below.
Can someone help?
select distinct emp,sum(hours) as total_hours
From C
where emp = '#form.employee#' and hours <> 0
AND datepart(week, getdate()) = datepart(week, curdate)
group by emp
select emp,inumber,icodenumber,re l_month,ho urs,spm_su bline
From C
where emp = '#form.employee#' and hours <> 0
AND datepart(week, getdate()) = datepart(week, curdate)
order by spm_subline
Cheers
I am wanting to use the CFQUERYPARAM tag with the two queries below.
Can someone help?
select distinct emp,sum(hours) as total_hours
From C
where emp = '#form.employee#' and hours <> 0
AND datepart(week, getdate()) = datepart(week, curdate)
group by emp
select emp,inumber,icodenumber,re
From C
where emp = '#form.employee#' and hours <> 0
AND datepart(week, getdate()) = datepart(week, curdate)
order by spm_subline
Cheers
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Here is a few lines that I think are important for you to know:
The validation rules are as follows:
For these types, a data value can be converted to a numeric value: CF_SQL_SMALLINT, CF_SQL_INTEGER, CF_SQL_REAL, CF_SQL_FLOAT, CF_SQL_DOUBLE, CF_SQL_TINYINT, CF_SQL_MONEY, CF_SQL_MONEY4, CF_SQL_DECIMAL, CF_SQL_NUMERIC, and CF_SQL_BIGINT
For these types, a data value can be converted to a date supported by the target data source: CF_SQL_DATE, CF_SQL_TIME, CF_SQL_TIMESTAMP
For all other types, if the maxLength attribute is used, a data value cannot exceed the maximum length specified.
ColdFusion debug output shows the bind variables as question marks and lists the values beneath the query, in order of usage.
Note: To insert an empty string into a Microsoft Access table using the SequelLink ODBC Socket or SequelLink Access driver, the CFSQLType attribute must specify CF_SQL_LONGVARCHAR.
Spyder's example will probably work but you might want to add a TRIM() to the form.employee in case someone types in a space before or after the name like this:
select distinct emp,sum(hours) as total_hours
From C
where emp = <cfqueryparam value="#TRIM(form.employee
AND datepart(week, getdate()) = datepart(week, curdate)
group by emp
select emp,inumber,icodenumber,re
From C
where emp = <cfqueryparam value="#TRIM(form.employee
AND datepart(week, getdate()) = datepart(week, curdate)
order by spm_subline
Cheers!
Ike