tracker issue : CF-4199452

Title:

queryExecute doesn't like single-quotes in sql-style comments


Status/Resolution/Reason: Closed/Fixed/Fixed

Reporter/Name(from Bugbase): Tim Mixell / Tim Mixell ()

Created: 08/09/2017

Components: Language, Functions

Versions: 2016,2018

Failure Type: Others

Found In Build/Fixed In Build: 2016,0,04,302561 / 311735

Priority/Frequency: Normal /

Locale/System: / Windows 10 64 bit

Vote Count: 6

Problem Description:
In CF11, the following is acceptable:


{code:java}
<cfscript>
result = queryExecute(
	"SELECT
		userID, email
	FROM user
	-- some inline SQL that shouldn't affect anything
	WHERE email = :email",
	{
		email: { cfsqltype: "varchar", value: 'user@user.com' }
	},
	{ datasource: "datasource" }
);
</cfscript>
<cfdump var="#result#">

{code}

In CF2016, it throws this exception:
Excess number (1) of positional parameters are defined for sql query':' [SELECT userID, email FROM user -- some inline SQL that shouldn't affect anything WHERE email = ? ]

Any Workarounds:
Removing the offending single-quote works, but the parser *worked* in CF11.

Attachments:

Comments:

It's not a huge deal, but it affects backward compatibility for no beneficial reason.
Vote by Scott B.
436 | August 10, 2017 12:34:33 PM GMT