Solved

How to Add an AND clause using the ListQUalify Function

Posted on 2014-02-16
4
291 Views
Last Modified: 2014-02-23
Hello:

   I'm trying to ad an "AND" clause to the code below.  In other words, the logic needs to be as follows:

        SELECT Field1, Field2
            FROM table1
          WHERE field1 IN (#listQualify(newList, "'")#)
              AND field2  IN ((#listQualify(newList, "'")#)  - (Can't get this one to work).


=========================START CODE  ============================

<cffunction name="getEngagementCommittee" access="public" returntype="any"><!---   Populate city based on the state we have selected --->  
            <cfargument name="getCodes" type="string" required="yes">
              <cfset resultSet="">  
                        <cfset newList = "">
                        <cfloop list="#getCodes#"    index="j" >
                                <cfset newList = listAppend(trim(j),newList,",")>                                
                    </cfloop>
                    <cfquery name="resultSet"  datasource="#db.dbName#"  username="#db.dbUserName#" password="#db.dbPassword#">
 select committee_code code, committee_code||' - '||short_desc description ,short_desc
 from advance.committee_header
where committee_group_code in (#listQualify(newList, "'")#)  

NOTE: Below is where I need the AND clause.  It does NOT work.  I think SYNTAX issue.

     AND parent_committee_group IN (#listQualify(newList, "'")#)

order by short_desc

                </cfquery>    
            <cfreturn resultSet>
      </cffunction>

=========================END CODE  ============================

 Thank you!
0
Comment
Question by:henderxe
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 16

Expert Comment

by:Gurpreet Singh Randhawa
ID: 39864416
Just split it like this:

<cffunction name="getEngagementCommittee" access="public" returntype="any"><!---   Populate city based on the state we have selected --->  
            <cfargument name="getCodes" type="string" required="yes">
              <cfset resultSet="">  
                        <cfset newList = "">
                        <cfloop list="#getCodes#"    index="j" >
                                <cfset newList = listAppend(trim(j),newList,",")>                                
                    </cfloop>
<cfset newQualifiedLst = listQualify(newList, "'")>
                    <cfquery name="resultSet"  datasource="#db.dbName#"  username="#db.dbUserName#" password="#db.dbPassword#">
 select committee_code code, committee_code||' - '||short_desc description ,short_desc
 from advance.committee_header
where committee_group_code in (<cfqueryparam cfsqltype="cf_sql_varchar" value="#newQualifiedLst#" list="yes">)  

     AND parent_committee_group IN (<cfqueryparam cfsqltype="cf_sql_varchar" value="#newQualifiedLst#" list="yes">)

order by short_desc

                </cfquery>    
            <cfreturn resultSet>
      </cffunction>

Open in new window


Ok, getCodes is coming as comma separated list, right

you are just adding the quotes around the list you having, correct me if i am wrong


if i am correct you can merge the listappend and listqualify in the single call inside the loop rather than doing it again after the loop.
0
 
LVL 16

Accepted Solution

by:
Gurpreet Singh Randhawa earned 500 total points
ID: 39864425
also if you can show me what getCodes is coming as like dump the getcodes value and show me what value is coming, it might be some kind of single or double quote issue,
0
 
LVL 52

Expert Comment

by:_agx_
ID: 39865178
(no points...)

Yeah, don't use #listQualify(newList, "'")# in queries. Aside from possibly causing syntax errors if the values contain quotes, it may also expose your database to sql injection.

As mentioned above, use <cfqueryparam> with the "list" attribute. That attribute tells the db to treat the input as a list of individual values, and eliminates the need for quoting. It should solve your issue.

Side note - don't forget to var scope ALL of the function local variables:  "j", "newList", "resultSet", etc....
0
 

Author Closing Comment

by:henderxe
ID: 39881306
Tnank you for the solution, as well as all the other useful comments.

henderxe
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
need some regex help 15 30
Moving web servers into a DMZ? 3 89
Coldusion - DATA insert syntax problem 12 73
Watching Inbound/Outbound Traffic on Server 4 30
Most ColdFusion developers get confused between the CFSet, Duplicate, and Structcopy methods of copying a Structure, especially which one to use when. This Article will explain the differences in the approaches with examples; therefore, after readin…
Hi. There are several upload tutorials using jquery and coldfusion. I found a very interesting one here Upload Your Files using Jquery & ColdFusion and Preview them (http://www.randhawaworld.com/) . I did keep the main js functions but made sever…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Finding and deleting duplicate (picture) files can be a time consuming task. My wife and I, our three kids and their families all share one dilemma: Managing our pictures. Between desktops, laptops, phones, tablets, and cameras; over the last decade…

710 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question