How can I output the other -- #starttable#.field3?
Use an alias to give the fields different names ie table.column AS SomeName. Otherwise, cfquery may not know which field you mean when you say "field3".
select #endtable#.field9, #endtable#.field12,
Be careful using this type of sql. Depending on the source of your variables, this can pose a sql injection risk.
Thank you, that worked beautifully! Another trick learned..
Also, thanks for the sql injection warning -- I am cleaning the input before passing it into the query. Much appreciated!
I am cleaning the input before passing it into the query
Even this one?
The #form.field5# comes via a select list....no user input of data.
I suppose it is still possible to be compromised. I'll fix that. Thanks!
The #form.field5# comes via a select list....no user input
Someone could easily construct a fake http post, with malicious sql in the "form" fields, and submit it to your action page. That is why it is vulnerable.