This content has been marked as final. Show 3 replies
First, think about duplicate names.
Next, assuming the user is clicking on a link, the where clause of your query will include
and fieldname = '#url.variablename#'
unless it's numeric in which case you lose the quotes.
Dan's point about duplicate names is an important one. You're probably going to be better off using some sort of unique ID to indentify your artists, rather than names. Plus, passing text with spaces via URL variables can get messy. Your best bet may be to do something like this:
<cfquery name="qArtists" ...>
SELECT firstname, lastname, artistid
ORDER BY lastname, firstname
<li><a href="artistpage.cfm?artist=#artistid#">#lastname#, #firstname#</li>
<cfparam name="URL.artist" default="">
<cfquery name="qArtistInfo" ...>
WHERE artistid = <cfqueryparam cfsqltype="CF_SQL_INTEGER" value="#URL.artist#">
<!--- Other Artist Data --->
A couple of notes if you're new to CF:
1) When you are passing variables via the URL, its always a good idea to default them using <cfparam>. You may also want to add some logic so that if URL.artist eq "", then you redirect back to your list
2) Integers are much easier to pass via URL variables than names. If you are worried about controlling which artists users have access to you can take steps to encrypt or obfuscate the artist ids.
3) Your queries may run a little quicker if you can define the fields you want to retrieve from your table instead of using "*". However, I know how much a pain it can be to go back and add fields to your code when you change your database scheme.
4) Using <cfqueryparam> does 2 things for you: First, it speeds up your queries (which is always good). Second, it provides you some protection against Cross Site Scripting and SQL injection built into the tag.
5) If you query is only returning 1 record, I believe the current best practice is to use <cfoutput>#qQueryName.myField#</cfoutput> instead of <cfoutput query="qQueryName">#myField#</cfoutput>. Since outside of a loop, #qQueryName.myField# always returns the value of myField in the first row of the recordset.
Hope that helps!