CF9 PreserveSingleQuotes bug

Posted At : February 2, 2010 10:30 AM | Posted By : Gary Gilbert
Related Categories: Coldfusion,Railo,Adobe

This little bug comes courtesy of my boss at Contens. It appears that the function PreserveSingleQuotes() in Coldfusion 9 is unable to handle the results of a function that returns a string.

The Problem

You have a simple string, or list and wish to manipulate it, the results of the manipulation is then going to be used in a query so naturally you will want to use PreserveSingleQuotes() to make sure that your single quotes are not removed.

Take the following simple example below:


<cfset mylist = "one,two,three,four">

<cfquery name="getStuff" datasource="#request.dsn#">
select * from mytable
where numbers in (#PreserveSingleQuotes(listQualify(mylist,"'"))#)
</cfquery>

Yes I could use cfqueryparam in this case, but for the sake of example lets pretend that I didn't. If you try this code or simply leave out the query and do the following:


<cfoutput>#PreserveSingleQuotes(listQualify(mylist,"'"))#</cfoutput>

ColdFusion 9 will throw an error:

 Complex constructs are not supported with function PreserveSingleQuotes.
Use simple variable instead.

Pardon me but a string or list is indeed a simple variable! PreserveSingleQuotes will also fail with the following:


<cfoutput>#preserveSingleQuotes(lCase("it's definitely a simple life!"))#</cfoutput>

Work Around

There is a work around to this ColdFusion 9 bug, simply store the results of the manipulation in a variable and then pass that variable to PreserveSingleQuotes() as I in the following snippet:


<cfset mystring = lCase("it's definitely a simple life!")>
<cfoutput>#preserveSingleQuotes(mystring)#</cfoutput>

Just a heads up if you are migrating to CF9 or developing for both Railo and ColdFusion 9 to always test your code thoroughly in both environments.

Happy Coding...

Comments (9) | del.icio.us | Digg It! | Linking Blogs | 2801 Views
9 Comments to "CF9 PreserveSingleQuotes bug"- Add Yours
Sankalan Panda's Gravatar Yes - really an issue.
I feel this is because of the Call By Reference.
ListQualify() returns one copy of the original list with qualifiers. That might be a complex object.
I am thinking so because - similar thing happening with structCopy() as well because of Call By Reference.
But Duplicate() is Call By Value.
# Posted By Sankalan Panda | 2/2/10 11:36 AM
Gary Gilbert's Gravatar List Qualify returns a list with qualifiers, that is true, but it returns a list which is really just simply a string. If I save the returned list in a variable and then pass that variable to preservesinglequotes it works just fine. If it was a complex object that was returned from listqualify then saving it to a variable would not change it from a complex to a simple object.
# Posted By Gary Gilbert | 2/2/10 1:16 PM
Adam Lehman's Gravatar Did you file a bug?

http://cfbugs.adobe.com/cfbugreport/flexbugui/cfbu...

-Adam
# Posted By Adam Lehman | 2/2/10 4:21 PM
Gary Gilbert's Gravatar Yes I have posted a bug. #81940
# Posted By Gary Gilbert | 2/2/10 5:21 PM
Adam's Gravatar Brilliant. Thanks!

I'll track this one and ensure it gets into the 9.01 release (Sully).

-Adam
# Posted By Adam | 2/2/10 5:42 PM
Justice's Gravatar From my recollection, this is just the way PreserveSingleQuotes happens to work. You may wish to file a feature-request, but it's not exactly a bug. PreserveSingleQuotes is not a function in the normal sense of the word. It does not accept an arbitrary input. It accepts only a string literal or a simple variable, but not an expression. For example, string concatenation is not allowed; neither is array indexing, struct lookup, or function calling.
# Posted By Justice | 2/4/10 1:36 PM
Gary Gilbert's Gravatar Just because preserveSingleQuote happens to work that way doesnt mean that its not a bug.

Most, I guess I cant say all, cf funtions can accept the results from another function as input so long as the function returns a datatype that is accepted.

I admit the signature for preservsingleQuote specifically states "PreserveSingleQuotes(variable)" and not PreserveSingleQuotes(string). So while you are technically correct this is, in my opinion, a shitty implementation.
# Posted By Gary Gilbert | 2/4/10 3:05 PM
Justice's Gravatar It is a shitty implementation, indeed.

I often resort to writing complex queries within a cfsavecontent (yes, with proper escaping), and then doing a cfquery with the saved query text afterwards, just so I can write the complex query in a straightforward way.
# Posted By Justice | 2/4/10 3:46 AM
rgmoon's Gravatar This is very nice info related to software. I understand a lot through these codes. I want ti get more such posts. Thanks for such nice info. It increases my knowledge a lot.
http://www.city32.com/www.startcooking.com/
# Posted By rgmoon | 1/3/12 2:48 AM
[Add Comment]

Powered By Railo

Subscribe

Subscribe via RSS
Follow garyrgilbert on Twitter Follow me on Twitter
Or, Receive daily updates via email.

Tags

adobe air ajax apple cf community cfml coldfusion examples ext flash flex google javascript jquery max2007 max2008 misc open source programming railo software technology ui

Recent Entries

No recent entries.

Blogroll

An Architect's View
CFSilence
Rey Bango
TalkingTree

Wish List

My Amazon.com Wish List