<cfquery name="GetData" datasource="#APPLICATION.DataSource#">
DECLARE @param varchar(25),
SELECT @param=<cfqueryparam cfsqltype="cf_sql_varchar" value="#VARIABLES.orderby#">,
@dataID=<cfqueryparam cfsqltype="cf_sql_varchar" value="#VARIABLES.DataID#">,
@sql = 'SELECT ID,
FROM Table WITH (NOLOCK)
WHERE DataID = ' + @dataID + 'Order by ' + @param + ' asc';
EXEC sp_executesql @sql
Monday, August 18, 2008
With all of the SQL Injection attacks going on in the ColdFusion world I thought that it may be beneficial to show everyone a way that I know of to have cfqueryparam'd 'Order By' clauses. If anyone knows of other ways to accomplish this, please feel free to post a comment on how to do so.
What you'll need: T6 screwdriver PH000 philips screwdriver SATA to USB connector ( or SATA to Thunderbolt if you feel like spending ...
Use your IDE of choice, I prefer Sublime Text because it uses the Perl Compatible Regular Expressions (PCRE) engine from the Boost library a...
For those who have gotten the following error: "java.awt.color.CMMException: Invalid image format" and tried the solutions post...
This multi-part post will be community comment driven, which basically means that in an effort to not spend too much time on details that mi...