The cf_sql_ is optional in cfqueryparam
This is not exactly a new trick, but it is quite useful and I find not many people know that the
cf_sql_ prefix is optional in the
cfsqltype attribute of
cfqueryparam. So instead of doing this:
WHERE id = <cfqueryparam value="#url.id#" cfsqltype="cf_sql_integer">
You can just do this:
WHERE id = <cfqueryparam value="#url.id#" cfsqltype="integer">
This works on ColdFusion 11+ or Lucee 4.5+
Like this? Follow me ↯Tweet Follow @pfreitag
The cf_sql_ is optional in cfqueryparam was first published on February 01, 2019.
The FuseGuard Web Application Firewall for ColdFusion & CFML is a high performance, customizable engine that blocks various attacks against your ColdFusion applications.