我遇到了尝试使用此cfquery更新SQL表的问题。这是冷聚变的代码:
<CFSET dateTimes=DateFormat(Now(),"mm\dd\yyyy")>
<CFQUERY NAME="updateTime" DATASOURCE="#this_datasource#">
UPDATE users
SET ACTIVITYDATE = CAST(#dateTimes# AS smalldatetime)
WHERE username = '#Form.login_username#'
AND Password = '#Form.Password#'
</CFQUERY>
当试图执行此操作时,它给了我:
Error Executing Database Query. [Macromedia][SQLServer JDBC Driver] [SQLServer]Incorrect syntax near '\25'.
The error occurred on line 19.
另一件事是sal_var的类型,ACTIVITYDATE是smalldatetime。我也尝试过没有强制转换,只做普通#dateTimes#var。我也尝试过cfqueryparam也没用。提前感谢您的帮助!
答案 0 :(得分:3)
用于SQL Server datetime / smalldatetime值的cfqueryparam cfsqltype是cf_sql_timestamp。您可以按如下方式重新编写代码:
<CFSET dateTimes=DateFormat(Now(),"mm/dd/yyyy")>
<CFQUERY NAME="updateTime" DATASOURCE="#this_datasource#">
UPDATE users
SET ACTIVITYDATE = <cfqueryparam value="#dateTimes#" cfsqltype="cf_sql_timestamp">
WHERE username = <cfqueryparam value="#Form.login_username#" cfsqltype="cf_sql_varchar">
AND Password = <cfqueryparam value="#Form.Password#" cfsqltype="cf_sql_varchar">;
</CFQUERY>
建议使用cfqueryparam以避免SQL注入漏洞。
请参阅:https://wikidocs.adobe.com/wiki/display/coldfusionen/cfqueryparam
答案 1 :(得分:0)
改变这个:
SET ACTIVITYDATE = CAST(#dateTimes# AS smalldatetime)
到此:
SET ACTIVITYDATE = GetDate()
或者,如果您不想要时间组件
SET ACTIVITYDATE = cast(GetDate() as date)
虽然您可以发送ColdFusion变量,但是没有必要这样做,为什么要这么麻烦?