The cf_sql_ is optional in cfqueryparam

This is not exactly a new trick, but it is quite useful and I find not many people know that the cf_sql_ prefix is optional in the cfsqltype attribute of cfqueryparam. So instead of doing this:

WHERE id = <cfqueryparam value="#url.id#" cfsqltype="cf_sql_integer">

You can just do this:

WHERE id = <cfqueryparam value="#url.id#" cfsqltype="integer">

This works on ColdFusion 11+ or Lucee 4.5+

Like this? Follow me ↯

Tweet Follow @pfreitag

cfqueryparam tips

The cf_sql_ is optional in cfqueryparam was first published on February 01, 2019.

The Fixinator Code Security Scanner for ColdFusion & CFML is an easy to use security tool that every CF developer can use. It can also easily integrate into CI for automatic scanning on every commit.

Try Fixinator

The cf_sql_ is optional in cfqueryparam

Like this? Follow me ↯

CFBreak
The weekly newsletter for the CFML Community

Post a Comment

The cf_sql_ is optional in cfqueryparam

Like this? Follow me ↯

CFBreak The weekly newsletter for the CFML Community

Post a Comment

CFBreak
The weekly newsletter for the CFML Community