Coldfusion Insert Into Query

It have been a long time since I have used coldfusion, so I am a little rusty.  Not sure what I did wrong here

<cfquery name="insertrecord" datasource="brothers" username="user" password="password">
INSERT INTO [dbo].[Bro]
           ([Lname],
           [Mname],
           [Fname],
           [Grad],
           [HStreet],
           [HCity],
           [HState],
           [HZip],
           [PCell],
           [PHome],
           [PBus],
           [HEmail],
           [BEmail],
           [Web],
           [Residence],
           [Wife],
           [Kids],
           [KidsComments],
           [Careers],
           [CareerAwards],
           [Employee],
           [EmployeeComments],
           [EmployeeAwards],
           [MYears],
           [MBranch],
           [MUnit],
           [MRank],
           [MJob],
           [MStationed],
           [MAwards],
           [MComments],
           [SportsComments],
           [SigmaChiActivities],
           [BGSUActivities],
           [BGSUSports],
           [BGSUDegree],
           [BGSUComments],
           [BGSUAwards],
           [Ev1962],
           [Ev1963],
           [Ev1964],
           [Ev1965],
           [Ev1966],
           [Ev1967],
           [Ev1968],
           [PostBGSU])
     VALUES
           (#form.lname#,
           #form.mname#,
           #form.fname#,
           #form.grad#,
           #form.hstreet#,
           #form.hcity#,
           #form.hstate#,
           #form.hzip#,
           #form.pcell#,
           #form.phome#,
           #form.pbus#,
           #form.hemail#,
           #form.bemail#,
           #form.web#,
           #form.residence#,
           #form.wife#,
           #form.kids#,
           #form.kidscomments#,
           #form.careers#,
           #form.careerawards#,
           #form.employee#,
           #form.employeecomments#,
           #form.employeeawards#,
           #form.myears#,
           #form.mbranch#,
           #form.mbranch#,
           #form.mrank#,
           #form.mjob#,
           #form.mstationed#,
           #form.mawards#,
           #form.mcomments#,
           #form.sportscomments#,
           #form.sigmachiactivities#,
           #form.bgsuactivities#,
           #form.bgsusports#,
           #form.bgsudegree#,
           #form.bgsucomments#,
           #form.bgsuawards#,
           #form.ev1962#,
           #form.ev1963#,
           #form.ev1964#,
           #form.ev1965#,
           #form.ev1966#,
           #form.ev1967#,
           #form.ev1968#,
           #form.postbgsu#)
           
</cfquery>


Here is the error

Error Executing Database Query.

[Macromedia][SQLServer JDBC Driver][SQLServer]Invalid column name 'Steve'.
 
Resources:
Enable Robust Exception Information to provide greater detail about the source of errors. In the Administrator, click Debugging & Logging > Debug Output Settings, and select the Robust Exception Information option.
Check the ColdFusion documentation to verify that you are using the correct syntax.
Search the Knowledge Base to find a solution to your problem.
Browser        Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/30.0.1599.66 Safari/537.36
benjam222Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

benjam222Author Commented:
I am an idiot and really rusty..... forgot the '.....
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
_agx_Commented:
Not related to the question, but the query above puts your db at risk for sql injection. Always use cfqueryparam on all user supplied parameters.
0
benjam222Author Commented:
Can you give me an example?
0
_agx_Commented:
In your VALUES clause, wrap all of the FORM parameters in cfqueryparam tags.  The cfsqltype should match the data type of the column you're inserting into  ie

- CF_SQL_VARCHAR for VARCHAR column
- CF_SQL_INTEGER for INTEGER
-   etc...

See the cfqueryparam docs for a full listing of mappings by database type:
      http://livedocs.adobe.com/coldfusion/8/htmldocs/Tags_p-q_18.html

Not tested, but something like this:

INSERT INTO YourTable ( Column Names ..... )
VALUES
(
   <cfqueryparam value="#form.lname#" cfsqltype="CF_SQL_VARCHAR">
   , <cfqueryparam value="#form.mname#" cfsqltype="CF_SQL_VARCHAR">
   , <cfqueryparam value="#form.fname#" cfsqltype="CF_SQL_VARCHAR">
   ,  .....
)
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
ColdFusion Language

From novice to tech pro — start learning today.