Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

How to Add an AND clause using the ListQUalify Function

Posted on 2014-02-16
4
Medium Priority
?
304 Views
Last Modified: 2014-02-23
Hello:

   I'm trying to ad an "AND" clause to the code below.  In other words, the logic needs to be as follows:

        SELECT Field1, Field2
            FROM table1
          WHERE field1 IN (#listQualify(newList, "'")#)
              AND field2  IN ((#listQualify(newList, "'")#)  - (Can't get this one to work).


=========================START CODE  ============================

<cffunction name="getEngagementCommittee" access="public" returntype="any"><!---   Populate city based on the state we have selected --->  
            <cfargument name="getCodes" type="string" required="yes">
              <cfset resultSet="">  
                        <cfset newList = "">
                        <cfloop list="#getCodes#"    index="j" >
                                <cfset newList = listAppend(trim(j),newList,",")>                                
                    </cfloop>
                    <cfquery name="resultSet"  datasource="#db.dbName#"  username="#db.dbUserName#" password="#db.dbPassword#">
 select committee_code code, committee_code||' - '||short_desc description ,short_desc
 from advance.committee_header
where committee_group_code in (#listQualify(newList, "'")#)  

NOTE: Below is where I need the AND clause.  It does NOT work.  I think SYNTAX issue.

     AND parent_committee_group IN (#listQualify(newList, "'")#)

order by short_desc

                </cfquery>    
            <cfreturn resultSet>
      </cffunction>

=========================END CODE  ============================

 Thank you!
0
Comment
Question by:henderxe
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 16

Expert Comment

by:Gurpreet Singh Randhawa
ID: 39864416
Just split it like this:

<cffunction name="getEngagementCommittee" access="public" returntype="any"><!---   Populate city based on the state we have selected --->  
            <cfargument name="getCodes" type="string" required="yes">
              <cfset resultSet="">  
                        <cfset newList = "">
                        <cfloop list="#getCodes#"    index="j" >
                                <cfset newList = listAppend(trim(j),newList,",")>                                
                    </cfloop>
<cfset newQualifiedLst = listQualify(newList, "'")>
                    <cfquery name="resultSet"  datasource="#db.dbName#"  username="#db.dbUserName#" password="#db.dbPassword#">
 select committee_code code, committee_code||' - '||short_desc description ,short_desc
 from advance.committee_header
where committee_group_code in (<cfqueryparam cfsqltype="cf_sql_varchar" value="#newQualifiedLst#" list="yes">)  

     AND parent_committee_group IN (<cfqueryparam cfsqltype="cf_sql_varchar" value="#newQualifiedLst#" list="yes">)

order by short_desc

                </cfquery>    
            <cfreturn resultSet>
      </cffunction>

Open in new window


Ok, getCodes is coming as comma separated list, right

you are just adding the quotes around the list you having, correct me if i am wrong


if i am correct you can merge the listappend and listqualify in the single call inside the loop rather than doing it again after the loop.
0
 
LVL 16

Accepted Solution

by:
Gurpreet Singh Randhawa earned 2000 total points
ID: 39864425
also if you can show me what getCodes is coming as like dump the getcodes value and show me what value is coming, it might be some kind of single or double quote issue,
0
 
LVL 52

Expert Comment

by:_agx_
ID: 39865178
(no points...)

Yeah, don't use #listQualify(newList, "'")# in queries. Aside from possibly causing syntax errors if the values contain quotes, it may also expose your database to sql injection.

As mentioned above, use <cfqueryparam> with the "list" attribute. That attribute tells the db to treat the input as a list of individual values, and eliminates the need for quoting. It should solve your issue.

Side note - don't forget to var scope ALL of the function local variables:  "j", "newList", "resultSet", etc....
0
 

Author Closing Comment

by:henderxe
ID: 39881306
Tnank you for the solution, as well as all the other useful comments.

henderxe
0

Featured Post

How Blockchain Is Impacting Every Industry

Blockchain expert Alex Tapscott talks to Acronis VP Frank Jablonski about this revolutionary technology and how it's making inroads into other industries and facets of everyday life.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Most ColdFusion developers get confused between the CFSet, Duplicate, and Structcopy methods of copying a Structure, especially which one to use when. This Article will explain the differences in the approaches with examples; therefore, after readin…
CFGRID Custom Functionality Series -  Part 1 Hi Guys, I was once asked how it is possible to to add a hyperlink in the cfgrid and open the window to show the data. Now this is quite simple, I have to use the EXT JS library for this and I achiev…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question