Uploaded image for project: 'Railo'
  1. Railo
  2. RAILO-2059

Bug with parameter parser in Query.cfc

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Out of Date
    • Affects Version/s: 4.0.0.013
    • Fix Version/s: None
    • Labels:
      None
    • Steps to Reproduce:
      Hide

      <cfprocessingdirective pageencoding="UTF-8">
      <cfscript>
      q1 = queryNew("");
      queryAddColumn(q1, "id", [1,2,3,4,5,6,7]);
      queryAddColumn(q1, "daysofWeek", ["Rāhina","Rātū","Rāapa","Rāpare","Rāmere","Rāhoroi","Rātapu"]);
      queryAddColumn(q1, "ts", [now(),now(),now(),now(),now(),now(),now()]);

      o = new Query(
      dbtype = "query",
      sql = "
      SELECT *
      FROM q1
      WHERE ts = '#now()#'
      "
      );

      o.setAttributes(q1=q1);

      o.execute();
      q2 = o.getResult();

      writeDump(variables);
      </cfscript>

      Show
      <cfprocessingdirective pageencoding="UTF-8"> <cfscript> q1 = queryNew(""); queryAddColumn(q1, "id", [1,2,3,4,5,6,7] ); queryAddColumn(q1, "daysofWeek", ["Rāhina","Rātū","Rāapa","Rāpare","Rāmere","Rāhoroi","Rātapu"] ); queryAddColumn(q1, "ts", [now(),now(),now(),now(),now(),now(),now()] ); o = new Query( dbtype = "query", sql = " SELECT * FROM q1 WHERE ts = '#now()#' " ); o.setAttributes(q1=q1); o.execute(); q2 = o.getResult(); writeDump(variables); </cfscript>

      Description

      Problem Description:
      See http://adamcameroncoldfusion.blogspot.co.uk/2012/09/not-obvious-bug-in-querycfc.html.

      In short: if the SQL statement passed to Query.cfc has a hard-coded timestamp (or any other similar bit of data) in it, CF interprets the minutes and seconds part of the timestamp as parameter names

      See below for steps to reproduce

      Actual Result:
      Error Executing Database Query
      Parameter '45' not found in the list of parameters specified

      SQL: SELECT * FROM q1 WHERE ts = '

      {ts '2012-09-07 08:45:06'}

      '

      Expected Result:
      Not an error

      This is very similar to RAILO-1379, which is apparently "fixed". Not completely fixed, it seems.

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                micstriit Michael Offner
                Reporter:
                adamcameroncf Adam Cameron
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: