Copy link to clipboard
Copied
I am having trouble with a URL varailble. Does anyone know how to send a URL variable to the query in a CFC. Here is what I have so far and it does not work. Thanks.
CFC:
<cffunction name="pagevideo" access="public" returntype="query">
<cfset var pagevideo="">
<cfif not IsDefined("URL.VideoID")>
<cflocation url="page.cfm?videoID=486">
<cfelse>
<cfquery name="pagevideo" datasource="videos">
SELECT video_path, ID, Video_Name,
FROM Video
WHERE ID = #URL.VideoID#
</cfquery>
</cfif>
<cfreturn aged240video>
</cffunction>
CFM page:
<cfset myObj = createObject("component","cfc.page") />
<cfset queryObj = myObj.pagevideo()>
<h2 >Page Header</h2>
<cfoutput><h2 >#queryObj.Video_Name#</h2></cfoutput>
Copy link to clipboard
Copied
What is the error message, if any, you receive. I also that the variable aged240video in your cfreturn is not defined.
Try <cfreturn pagevideo> instead.
You should also omit the line <cfset var pagevideo="">.
You should also use CFQUERYPARAM in your query when passing in URL.VideoID.
Copy link to clipboard
Copied
I already changed it to pagevideo. The error I get is as follows
Error Executing Database Query. | |
[Macromedia][SequeLink JDBC Driver][ODBC Socket][FileMaker][FileMaker] FQL0001/(1:36): There is an error in the syntax of the query. |
How would I use CFQUERYPARAM?
Copy link to clipboard
Copied
It appears that you have an extra comma after Video_Name in your query. I suspect that this is causing the error.
The CFQUERYPARAM tag is used to bind parameters to your SQL statements. Use of bound parameters is recommended to avoid SQL injection attack vulnerability.
See:
Assuming that the ID column is an integer:
<cfquery name="pagevideo" datasource="videos">
SELECT video_path, ID, Video_Name
FROM Video
WHERE ID = <cfqueryparam value="#URL.VideoID#" cfsqltype="cf_sql_integer">
</cfquery>
References:
CFQUERYPARAM
http://help.adobe.com/en_US/ColdFusion/9.0/CFMLRef/WSc3ff6d0ea77859461172e0811cbec22c24-7f6f.html
SQL Injection (Wikipedia)
Copy link to clipboard
Copied
You might consider refactoring your code to remove the dependency on a url scope variable. This would allow you to use the CFC to query by video based on a form field or other value.
<cffunction name="pagevideo" access="public" returntype="query">
<cfargument name="videoId" type="numeric" required="yes">
<cfquery name="pagevideo" datasource="videos">
SELECT video_path, ID, Video_Name
FROM Video
WHERE ID = <cfqueryparam value="#arguments.videoId#" cfsqltype="cf_sql_integer">
</cfquery>
<cfreturn pagevideo>
</cffunction>
CFM page:
<cfset myObj = createObject("component","cfc.page") />
<cfset queryObj = myObj.pagevideo(videoId=url.VideoID)>
Message was edited by: JR \"Bob\" Dobbs
Message was edited by: JR \"Bob\" Dobbs
Copy link to clipboard
Copied
CFM page:
<cfparam name="url.videoID" default="486">
<cfset myObj = createObject("component","cfc.page") />
<cfset queryObj = myObj.pagevideo(url.videoID)>
CFC:
<cfcomponent>
<cffunction name="pagevideo" access="public" returntype="query">
<cfargument name="videoID" type="numeric" required="yes">
<cfset var pagevideo="">
<cfquery name="pagevideo" datasource="videos">
SELECT video_path, ID, Video_Name,
FROM Video
WHERE ID = <cfqueryparam cfsqltype="cf_sql_numeric" value="#arguments.videoID#">
</cfquery>
<cfreturn pagevideo>
</cffunction>
</cfcomponent>
Update: I discovered only after posting how similar this is to JR \"Bob\" Dobbs' suggestion!