Reputation: 233
coldfusion cfinsert fails, how to submit a query with optional fields
I have this insert tag:
<cfquery name="aoi_results" datasource="buyerhero" >
INSERT INTO polygons(tract, user, name, type, center, radius, north, south, east, west, verticies)
VALUES('#url.tract#', '#url.user#', '#url.name#', '#url.type#','#url.center#', '#url.radius#', '#url.north#', '#url.south#', '#url.east#', '#url.west#', '#url.verticies#');
</cfquery>
for this query, not all fields are used. some records have center and radius, others have north, south, east, and west, and others have verticies. any field not used is null.
How do I write the statement so each field after type is optional?
Thanks
Upvotes: 1
Views: 139
Answers (1)
Reputation: 1509
You can use cfparam to default your url params to blank if they're not passed in. Then, in your query you can use the null attribute of cfqueryparam. The null attribute is a boolean, if true, it will pass in null.
<cfparam name="URL.tract" default="" />
<cfparam name="URL.user" default="" />
<cfparam name="URL.name" default="" />
<cfparam name="URL.type" default="" />
<cfparam name="URL.center" default="" />
<cfparam name="URL.radius" default="" />
<cfparam name="URL.north" default="" />
<cfparam name="URL.south" default="" />
<cfparam name="URL.east" default="" />
<cfparam name="URL.west" default="" />
<cfparam name="URL.verticies" default="" />
<cfquery name="aoi_results" datasource="buyerhero" >
INSERT INTO polygons(tract, user, name, type, center, radius, north, south, east, west, verticies)
VALUES(
<cfqueryparam value="#URL.tract#" cfsqltype="cf_sql_integer" />
,<cfqueryparam value="#URL.user#" cfsqltype="cf_sql_varchar" />
,<cfqueryparam value="#URL.name#" cfsqltype="cf_sql_varchar" />
,<cfqueryparam value="#URL.type#" cfsqltype="cf_sql_integer" />
,<cfqueryparam value="#URL.center#" cfsqltype="cf_sql_float" null="#len(URL.center) EQ 0#" />
,<cfqueryparam value="#URL.radius#" cfsqltype="cf_sql_float" null="#len(URL.radius) EQ 0#" />
,<cfqueryparam value="#URL.north#" cfsqltype="cf_sql_float" null="#len(URL.north) EQ 0#" />
,<cfqueryparam value="#URL.south#" cfsqltype="cf_sql_float" null="#len(URL.south) EQ 0#" />
,<cfqueryparam value="#URL.east#" cfsqltype="cf_sql_float" null="#len(URL.east) EQ 0#" />
,<cfqueryparam value="#URL.west#" cfsqltype="cf_sql_float" null="#len(URL.west) EQ 0#" />
,<cfqueryparam value="#URL.verticies#" cfsqltype="cf_sql_float" null="#len(URL.verticies) EQ 0#" />
);
</cfquery>
I guessed on the cfsqltype, you'll have to verify those yourself. The null attribute will set the column to null if the len() is 0, and all URL parameters are defaulted to blank using cfparam
Most importantly, you should always use cfqueryparam. Passing URL variables into a query is just asking to be hacked with a SQL injection attack. Read the query param section on learncfinaweek for some more information on this.
Upvotes: 5
Related Questions
- cfprocparam throwing Error Executing Database Query
- Query null values
- Weird Coldfusion cfqueryparam
- Trouble using cfqueryparam with sql query strings
- <cfqueryparam> shows "?" instead of number
- How to use the cfqueryparam for a null value to get records from a table?
- CFQUERYPARAM not working in ColdFusion 10
- SQL statement not working when placed in ColdFusion CFC
- Error in my CFQUERYPARAM
- (ColdFusion + Access) Database Query Error "Too few parameters."