tracker issue : CF-4006270

select a category, or use search below
(searches all categories and all time range)
Title:

The CF10 script query object adds spaces in quotes

| View in Tracker

Status/Resolution/Reason: Closed/Won't Fix/Workaround

Reporter/Name(from Bugbase): Jim Ward / Jim Ward (Jim Ward)

Created: 06/12/2015

Components: Database

Versions: 10.0

Failure Type: Non Functioning

Found In Build/Fixed In Build: Final /

Priority/Frequency: Major / Some users will encounter

Locale/System: English / Win 2008 Server R2 64 bit

Vote Count: 0

Problem Description:  When there are several quotes in a row (for escaping purposes) such as ''', 3 single quotes, the CF10 style query object adds a space, breaking the query.  In CF 11 you can use queryExecute and that works.  The quotes have to surround a parameter or a column.  The script query object fails in CF 11 as well.

Steps to Reproduce:  See Example

Actual Result:  [Macromedia][Oracle JDBC Driver][Oracle]ORA-00923: FROM keyword not found where expected

Expected Result:  It should work.

Any Workarounds:  None in CF10, use queryExecute in CF11.

----------------------------- Additional Watson Details -----------------------------

Watson Bug ID:	4006270

External Customer Info:
External Company:  
External Customer Name: Jim
External Customer Email:  
External Test Config: My Hardware and Environment details:

Attachments:

  1. July 08, 2015 00:00:00: 1_stacktrace.txt

Comments:

I need the the quotes so I can return html tags back to the front end, such as '<onclick="test('12345')">' The script query object also fails in CF 11.
Comment by External U.
7233 | June 12, 2015 08:29:59 AM GMT
For some reason the example code was striped. requestId = 365; sqlstmt = "select '<name=""''' || :requestId || '''"">' from dual"; result = queryExecute(sqlstmt, {requestId={cfsqltype="CF_SQL_BIGINT",value=requestId}}); writedump(var="#result#"); testqry = new query(); testqry.setSQL(sqlstmt); testqry.addParam(cfsqltype="CF_SQL_BIGINT",name="requestId",value=requestId); results = testqry.execute().getResult(); writedump(var="#results#");
Comment by External U.
7234 | June 12, 2015 08:30:49 AM GMT
Jim, Can you please share the table structure so that I can try replicating this issue? I am not getting the exact same error. Please share the exception stacktrace which will help us in further narrowing down this issue.
Comment by Nimit S.
7235 | July 06, 2015 10:00:44 PM GMT
I attached the stack trace. There is no table structure, I'm just selecting from the dual table in Oracle.
Comment by External U.
7236 | July 08, 2015 06:40:24 AM GMT
We are taking limited and only critical fixes for Query.cfc component. Let us know if you feel this is a critical issue,
Comment by Nimit S.
7237 | September 22, 2015 03:33:14 AM GMT