|
DescriptionPasses
queries or SQL statements to a data source.
Adobe recommends
that you use the cfqueryparam tag within every cfquery tag,
to help secure your databases from unauthorized users. For more information,
see Security Bulletin ASB99-04, "Multiple SQL Statements in Dynamic
Queries," in the Security Zone, www.adobe.com/go/sn_asb99-04,
and Accessing
and Retrieving Data in the Developing ColdFusion Applications.
Syntax<cfquery
name = "query name"
blockFactor = "block size"
cachedAfter = "date"
cachedWithin = "timespan"
dataSource = "data source name"
dbtype = "query"
debug = "yes|no"
maxRows = "number"
ormoptions = #orm options structure#
password = "password"
result = "result name"
timeout = "seconds"
username = "user name">
</cfquery>
Note: You can specify
this tag’s attributes in an attributeCollection attribute
whose value is a structure. Specify the structure name in the attributeCollection attribute
and use the tag’s attribute names as structure keys.
HistoryColdFusion
9.0.1: Introduced support for HQL queries; added the attribute ormoptions.
ColdFusion
9: Datasource attribute is optional now.
ColdFusion 8: Added
the result variable that specifies the ID of a row.
ColdFusion
MX 7:
Added the result attribute
for specifying an alternate name for the structure that holds the
result variables.
Added result variables for the SQL statement executed (sql),
the number of records returned (recordcount), whether
the query was cached (cached), an array of cfqueryparam values
(sqlparameters), and the list of columns in the
returned query (columnlist).
ColdFusion
MX:
Changed Query of Queries behavior: it now supports
a larger subset of standard SQL.
Changed dot notation support: ColdFusion now supports dot
notation within a record set name. ColdFusion interprets such a
name as a structure.
Deprecated the connectString, dbName, dbServer, provider, providerDSN,
and sql attributes, and all values of the dbtype attribute except query.
They do not work, and might cause an error, in releases later than
ColdFusion 5.
New query object variable: cfquery.ExecutionTime.
No longer supports native drivers. It now uses JDBC (and
ODBC-JDBC bridge) for database connectivity.
Attributes
Attribute
|
Req/Opt
|
Default
|
Description
|
|---|
name
|
Required
|
|
Name of query. Used in page to reference
query record set. Must begin with a letter. Can include letters,
numbers, and underscores.
|
blockFactor
|
Optional
|
1
|
Maximum rows to get at a time from server.
Range: 1 - 100. Might not be supported by some database systems.
|
cachedAfter
|
Optional
|
|
Date value (for example, April 16, 1999,
4-16-99). If date of original query is after this date, ColdFusion
uses cached query data. To use cached data, current query must use same
SQL statement, data source, query name, user name, password.
A
date/time object is in the range 100 AD–9999 AD.
When specifying
a date value as a string, enclose it in quotation marks.
|
cachedWithin
|
Optional
|
|
Timespan, using the CreateTimeSpan function.
If original query date falls within the time span, cached query
data is used. CreateTimeSpan defines a period from the
present, back. Takes effect only if query caching is enabled in
the Administrator.
To use cached data, the current query
must use the same SQL statement, data source, query name, user name,
and password.
|
dataSource
|
Optional
|
|
The Datasource attribute is now optional.
If omitted, the query uses the datasource specified in the application.
If it is not specified in either places, then the error will be thrown.
|
dbtype
|
Optional
|
|
Results of a query as input. Specify either dbtype or dataSource.
ColdFusion
9.0.1 supports HQL in cfquery. Therefore, you can
specify dbtype="hql" as shown in the following
example:
<cfquery dbtype="hql" name="artists" ormoptions=#{cachename=""}#>from Artists where firstname=<cfqueryparam value="Aiden"></cfquery>
|
debug
|
Optional; value and equals sign may be omitted
|
|
yes, or if omitted:
if debugging is enabled, but the Administrator Database Activity
option is not enabled, displays SQL submitted to the data source
and number of records returned by query.
no: if the Administrator Database Activity
option is enabled, suppresses display.
|
maxRows
|
Optional
|
-1 (All)
|
Maximum number of rows to return in record
set.
|
ormoptions
Added
in ColdFusion 9.0.1
|
Optional
|
|
A struct that takes orm options for executing
HQL. Applies only if dbtype is set to hql.
|
password
|
Optional
|
|
Overrides the password in the data source
setup.
|
result
|
Optional
|
|
Name for the structure in which cfquery returns
the result variables. For more information, see Usage.
|
timeout
|
|
|
Maximum number of seconds that each action
of a query is permitted to execute before returning an error. The
cumulative time may exceed this value.
For JDBC statements,
ColdFusion sets this attribute. For other drivers, see the driver documentation.
|
username
|
Optional
|
|
Overrides user name in the data source setup.
|
UsageUse this
tag to execute a SQL statement against a ColdFusion data source. Although
you can use the cfquery tag to execute any SQL
Data Definition Language (DDL) or Data Manipulation Language (DML)
statement, you typically use it to execute a SQL SELECT statement.
This
tag creates a query object, providing this information in query
variables:
Variable name
|
Description
|
|---|
query_name.currentRow
|
Current row of query that cfoutput is
processing.
|
query_name.columnList
|
Comma-separated list of the query columns.
|
query_name.RecordCount
|
Number of records (rows) returned from the
query.
|
The cfquery tag also returns
the following result variables in a structure. You can access these
variables with a prefix of the name you specified in the result attribute.
For example, if you assign the name myResult to
the result attribute, you would retrieve the name
of the SQL statement that was executed by accessing #myResult.sql#.
The result attribute provides a way for functions
or CFCs that are called from multiple pages, possibly at the same
time, to avoid overwriting results of one call with another. The
result variable of INSERT queries contains a key-value pair that
is the automatically generated ID of the inserted row; this is available
only for databases that support this feature. If more than one record
was inserted, the value can be a list of IDs. The key name is database-specific.
Variable name
|
Description
|
|---|
result_name.sql
|
The SQL statement that was executed.
|
result_name.recordcount
|
Number of records (rows) returned from the
query.
|
result_name.cached
|
True if the query was cached; False otherwise.
|
result_name.sqlparameters
|
An ordered Array of cfqueryparam values.
|
result_name.columnList
|
Comma-separated list of the query columns.
|
result_name.ExecutionTime
|
Cumulative time required to process the
query.
|
result_name.IDENTITYCOL
|
SQL Server only. The ID of an inserted row.
|
result_name.ROWID
|
Oracle only. The ID of an inserted row.
This is not the primary key of the row, although you can retrieve
rows based on this ID.
|
result_name.SYB_IDENTITY
|
Sybase only. The ID of an inserted row.
|
result_name.SERIAL_COL
|
Informix only. The ID of an inserted row.
|
result_name.GENERATED_KEY
|
MySQL only. The ID of an inserted row. MySQL
3 does not support this feature.
|
You can cache query results and execute
stored procedures. For information about this and about displaying cfquery output,
see the Developing ColdFusion Applications.
Because
the timeout attribute only affects the maximum
time for each suboperation of a query, the cumulative time may exceed
its value. To set a timeout for a page that might get a very large
result set, set the Administrator > Server Settings > Timeout
Requests option to an appropriate value or use the RequestTimeout
attribute of the cfsetting tag (for example, <cfsettingrequestTimeout="300">).
The
Caching page of the ColdFusion Administrator specifies the maximum number
of cached queries. Setting this value to 0 disables query caching.
You
cannot use ColdFusion reserved words as query names.
You
cannot use SQL reserved words as variable or column names in a Query
of Queries, unless they are escaped. The escape character is the
bracket []; for example:
SELECT [count] FROM MYTABLE.
For
a list of reserved keywords in ColdFusion, see Escaping
reserved keywords in the Developing ColdFusion Applications.
Example<!--- This example shows the use of CreateTimeSpan with CFQUERY ------>
<!--- to cache a record set. Define startrow and maxrows to ---->
<!--- facilitate 'next N' style browsing. ---->
<cfparam name="MaxRows" default="10">
<cfparam name="StartRow" default="1">
<!--------------------------------------------------------------------
Query database for information if cached database information has
not been updated in the last six hours; otherwise, use cached data.
--------------------------------------------------------------------->
<cfquery
name="GetParks" datasource="cfdocexamples"
cachedwithin="#CreateTimeSpan(0, 6, 0, 0)#">
SELECT PARKNAME, REGION, STATE
FROM Parks
ORDER BY ParkName, State
</cfquery>
<!--- Build HTML table to display query. ------------------------->
<table cellpadding="1" cellspacing="1">
<tr>
<td bgcolor="f0f0f0">
</td>
<td bgcolor="f0f0f0">
<b><i>Park Name</i></b>
</td>
<td bgcolor="f0f0f0">
<b><i>Region</i></b>
</td>
<td bgcolor="f0f0f0">
<b><i>State</i></b>
</td>
</tr>
<!--- Output the query and define the startrow and maxrows parameters.
Use the query variable CurrentCount to keep track of the row you are displaying. ------>
<cfoutput query="GetParks" startrow="#StartRow#" maxrows="#MaxRows#">
<tr>
<td valign="top" bgcolor="ffffed">
<b>#GetParks.CurrentRow#</b>
</td>
<td valign="top">
<font size="-1">#ParkName#</font>
</td>
<td valign="top">
<font size="-1">#Region#</font>
</td>
<td valign="top">
<font size="-1">#State#</font>
</td>
</tr>
</cfoutput>
<!--- If the total number of records is less than or equal to the total number of rows,
then offer a link to the same page, with the startrow value incremented by maxrows
(in the case of this example, incremented by 10). --------->
<tr>
<td colspan="4">
<cfif (StartRow + MaxRows) LTE GetParks.RecordCount>
<cfoutput><a href="#CGI.SCRIPT_NAME#?startrow=#Evaluate(StartRow + MaxRows)#">
See next #MaxRows# rows</a></cfoutput>
</cfif>
</td>
</tr>
</table>
|
|
|
