tracker issue : CF-4186779

select a category, or use search below
(searches all categories and all time range)

Unscoped vars in Query.cfc

| View in Tracker

Status/Resolution/Reason: Closed/Won't Fix/Workaround

Reporter/Name(from Bugbase): John Whish / John Whish (John Whish)

Created: 09/05/2016

Components: Database

Versions: 2016

Failure Type: Data Corruption

Found In Build/Fixed In Build: CF2016_Final /

Priority/Frequency: Minor / Unknown

Locale/System: ALL / Mac 10.9 64 bit

Vote Count: 5

Problem Description:

There appears to be unscoped vars in parseSQL of query.cfc (which is shipped with ColdFusion in the com.adobe.coldfusion package) which could have unintended side effects.

1) In the switch statement `switch(sqlType)` it sets a variable `s`. This is only scoped for the first case of `posSql` it should be scoped for all cases. 
2) The `continueloop` variable is unscoped.

Use queryExecute.

----------------------------- Additional Watson Details -----------------------------

Watson Bug ID:	4186779

External Customer Info:
External Company:  
External Customer Name: John Whish
External Customer Email:  
External Test Config: My Hardware and Environment details:



Its a valid bug but there is no active development on these CFCs and we recommend to use QueryExecute function. So closing this issue. Please let us know if you face any issue related to QueryExecute.
Comment by Nimit S.
1881 | September 28, 2016 01:52:48 AM GMT
Can you mark all of the functions implemented as CFCs (like query.cfc) as deprecated in the next release (if it hasn't been so noted in CF 2016 or earlier)? The sooner peiple switch away from them, the better.
Comment by External U.
1882 | September 28, 2016 08:45:47 AM GMT
Hi Carl and Nimit, +1 to marking those functions as deprecated, since they no longer get bug fixes. I've filed CF-4196851 for the same. Thanks!, -Aaron
Comment by External U.
1883 | October 20, 2016 11:06:18 PM GMT
This should be removed completely. If it's broken and won't be fixed, then do not ship it. At the very least it should be documented as unsupported and deprecated, but shipping broken functionality doesn't seem like a great idea.
Comment by John W.
1884 | December 15, 2016 10:39:33 AM GMT
Test comment on behalf of Aaron
Vote by Anit K.
1889 | December 15, 2016 01:38:58 PM GMT
Test comment on behalf of Aaron
Comment by Anit K.
1885 | December 15, 2016 01:39:17 PM GMT
testing -Aaron
Comment by Aaron N.
1886 | December 15, 2016 01:41:11 PM GMT
Testing with "
Comment by Anit K.
1887 | December 16, 2016 09:20:18 AM GMT
+1 - Test vote
Vote by Aaron N.
1890 | July 20, 2017 01:36:29 AM GMT
Vote Comment +1 - Another test vote
Comment by Aaron N.
1888 | July 20, 2017 01:36:55 AM GMT