Skip navigation
TheScarecrow
TheScarecrow
Currently Being Moderated

CFC URL variable

Mar 8, 2012 12:36 PM

I am having trouble with a URL varailble.  Does anyone know how to send a URL variable to the query in a CFC.  Here is what I have so far and it does not work. Thanks.

 

CFC:

<cffunction name="pagevideo" access="public" returntype="query">

  <cfset var pagevideo="">

  <cfif not IsDefined("URL.VideoID")>

    <cflocation url="page.cfm?videoID=486">

  <cfelse>

    <cfquery name="pagevideo" datasource="videos">

          SELECT video_path, ID, Video_Name,

    FROM Video

    WHERE ID = #URL.VideoID#

          </cfquery>

  </cfif>

  <cfreturn aged240video>

</cffunction>

 

CFM page:

<cfset myObj = createObject("component","cfc.page") />

<cfset queryObj = myObj.pagevideo()>

 

 

 

 

  <h2 >Page Header</h2>

<cfoutput><h2 >#queryObj.Video_Name#</h2></cfoutput>

749 Views   5 Replies   Latest reply: BKBK, Mar 8, 2012 1:32 PM
 
Replies
  • JR \
    Currently Being Moderated
    1. JR \"Bob\" Dobbs,
    Mar 8, 2012 1:00 PM   in reply to TheScarecrow
    Report

    What is the error message, if any, you receive.  I also that the variable aged240video in your cfreturn is not defined. 

     

    Try <cfreturn pagevideo> instead. 

     

    You should also omit the line <cfset var pagevideo="">.

     

    You should also use CFQUERYPARAM in your query when passing in URL.VideoID.

     
    |
    Mark as:
  • TheScarecrow
    Currently Being Moderated
    2. TheScarecrow,
    Mar 8, 2012 1:02 PM   in reply to JR \"Bob\" Dobbs
    Report

    I already changed it to pagevideo.  The error I get is as follows

    Error Executing Database Query.

    [Macromedia][SequeLink JDBC Driver][ODBC Socket][FileMaker][FileMaker] FQL0001/(1:36): There is an error in the syntax of the query.


     

    How would I use CFQUERYPARAM?

     
    |
    Mark as:
  • JR \
    Currently Being Moderated
    3. JR \"Bob\" Dobbs,
    Mar 8, 2012 1:14 PM   in reply to TheScarecrow
    Report

    It appears that you have an extra comma after Video_Name in your query.  I suspect that this is causing the error.

     

     

    The CFQUERYPARAM tag is used to bind parameters to your SQL statements.  Use of bound parameters is recommended to avoid SQL injection attack vulnerability.

     

    See:

     

    Assuming that the ID column is an integer:

    <cfquery name="pagevideo" datasource="videos">

        SELECT video_path, ID, Video_Name

        FROM Video

        WHERE ID = <cfqueryparam value="#URL.VideoID#" cfsqltype="cf_sql_integer">

    </cfquery>

     

     

     

     

    References:

     

    CFQUERYPARAM

    http://help.adobe.com/en_US/ColdFusion/9.0/CFMLRef/WSc3ff6d0ea77859461 172e0811cbec22c24-7f6f.html

     

    SQL Injection (Wikipedia)

    http://en.wikipedia.org/wiki/Sql_injection

     
    |
    Mark as:
  • JR \
    Currently Being Moderated
    4. JR \"Bob\" Dobbs,
    Mar 8, 2012 1:32 PM   in reply to JR \"Bob\" Dobbs
    Report

    You might consider refactoring your code to remove the dependency on a url scope variable.  This would allow you to use the CFC to query by video based on a form field or other value.

     

    <cffunction name="pagevideo" access="public" returntype="query">

        <cfargument name="videoId" type="numeric" required="yes">

     

        <cfquery name="pagevideo" datasource="videos">

            SELECT video_path, ID, Video_Name

            FROM Video

            WHERE ID = <cfqueryparam value="#arguments.videoId#" cfsqltype="cf_sql_integer">

        </cfquery>

     

      <cfreturn pagevideo>

     

    </cffunction>

     

     

     

    CFM page:

     

    <cfset myObj = createObject("component","cfc.page") />

     

    <cfset queryObj = myObj.pagevideo(videoId=url.VideoID)>

     

    Message was edited by: JR \"Bob\" Dobbs

     

    Message was edited by: JR \"Bob\" Dobbs

     
    |
    Mark as:
  • BKBK
    Currently Being Moderated
    5. BKBK,
    Mar 8, 2012 1:32 PM   in reply to TheScarecrow
    Report

    CFM page:

    <cfparam name="url.videoID" default="486">

    <cfset myObj = createObject("component","cfc.page") />

    <cfset queryObj = myObj.pagevideo(url.videoID)>

     

    CFC:

    <cfcomponent>

    <cffunction name="pagevideo" access="public" returntype="query">

    <cfargument name="videoID" type="numeric" required="yes">

      <cfset var pagevideo="">

        <cfquery name="pagevideo" datasource="videos">

            SELECT video_path, ID, Video_Name,

            FROM Video

            WHERE ID = <cfqueryparam cfsqltype="cf_sql_numeric" value="#arguments.videoID#">

        </cfquery>

      <cfreturn pagevideo>

    </cffunction>

    </cfcomponent>

     

     

    Update: I discovered only after posting how similar this is to JR \"Bob\" Dobbs' suggestion!

     
    |
    Mark as:
Actions

More Like This

  • Retrieving data ...

Incoming Links

Bookmarked By (0)

Answers + Points = Status

  • 10 points awarded for Correct Answers
  • 5 points awarded for Helpful Answers
  • 10,000+ points
  • 1,001-10,000 points
  • 501-1,000 points
  • 5-500 points