<cfqueryparam>

Checks the data type of a query parameter.

The cfqueryparam tag is nested within a <cfquery> tag.

It is embedded within the query SQL statement.

If you specify its optional parameters, cfqueryparam also performs data validation.

It's use is essential for performance and security

This tag cannot have a body.

This tag is also supported within <cfscript>


		<cfqueryparam
    value=any
    sqltype=string
    cfsqltype=string
    maxlength=number
    charset=string
    scale=number
    null=boolean
    list=boolean
    separator=string
>

Attribute	Description
value _{any, optional}	Specifies the value that Lucee passes to the right of the comparison operator in a where clause. You can also pass in an Array as the value, which is automatically handled like list="true".
sqltype _{string, optional}	The SQL type that the parameter (any type) will be bound to. A list of SQL types can be found on the SQL Type page. All can be used with or without the `CF_SQL_` prefix.
maxlength _{number, optional}	Maximum length of the parameter. The default value is the length of the string specified in the value attribute.
charset _{string, optional}	This attribute is used for 2 things: - it checks if the given value is compatible with that charset - to check the binary length of the value (see attribute maxlength). Introduced: 5.3.8.25
scale _{number, optional}	Number of decimal places of the parameter. The default value is zero.
null _{boolean, optional}	Yes or No. Indicates whether the parameter is passed as a null. If Yes, the tag ignores the value attribute. The default is No.
list _{boolean, optional}	True or False, the default is False Indicates whether to process the value attribute as a comma delimited list of values, separated by a separator character. You can also pass an array as a value which automatically achieves the same result and doesn't require list="true", unless list is explicitly set to "false"
separator _{string, optional}	Specifies the character that separates values in the list of parameter values in the value attribute. The default is a comma. If you specify a list of values for the value attribute, you must also specify the list attribute.

Unimplemented Attribute(s)

Attribute	Description
cfsqltype _{string, optional}	This attribute has been deprecated, instead, use the attribute "sqltype" that has the same functionality. * deprecated *

Examples

<cfscript>
		_test = queryNew("_id,_need,_forWorld","integer,varchar,varchar", [[01,'plant', 'agri'],[02, 'save','water']]);
	</cfscript>
	<cfquery name="qTest" dbtype="query">
		select * from _test
		where _id = <cfqueryparam sqltype="integer" value="2" />
	</cfquery>
	<cfdump var="#qtest#" />

<cfqueryparam>

Unimplemented Attribute(s)

Examples

See also