(1) For example, a lousy one:
<HTML>
<HEAD>
<TITLE>Executing SQL Queries
to the supply database</TITLE>
<!--
Cold
Fusion program for executing a SQL statement.
-->
</HEAD>
<BODY bgcolor="#ccccff">
<CFIF Not IsDefined("FORM.sql")>
<!--- No SQL
Statement, print forms: --->
The following tables are in
the database:
<P>
Supplier(<U>SNum</U>,
SName, SCity, Status)<BR>
Part(<U>PNum</U>, PName,
Color, Weight, PCity)<BR>
Supply(<U>SNum</U>, <U>PNum</U>,
Quantity)
<P style="font-color:blue">
Enter a select sql command to query the above
relations.</p>
<FORM method="post">
<TEXTAREA
name="sql" rows=10 cols=70></TEXTAREA><p>
<INPUT
type="submit" value="Submit Query">
<INPUT
type="reset">
</FORM>
<CFELSE>
<!--- print sql resullt.
--->
<CFOUTPUT>Your query: <SPAN
STYLE="color:blue">#Form.sql#</SPAN><p>
</CFOUTPUT>
<CFIF CompareNoCase(GetToken(Form.sql,
1), "select") IS NOT 0>
<!---
Not a selected statement as the first token is not 'select'
--->
This
is not a select statement. Only select statement is allowed.
Please
try again.
<CFELSE>
<!---
Try to execute the sql command. Set DBError to "Y" if there
is a syntax error.
--->
<CFTRY>
<CFSET DBError = "N">
<CFQUERY NAME="SQLQUERY" DATASOURCE="f99demo1">
#Form.sql#
</CFQUERY>
<CFCATCH
TYPE="Database">
<CFSET DBError = "Y">
</CFCATCH>
</CFTRY>
<p>
<CFIF DBError
IS "Y">
Your sql statement contains syntax errors. Please try again.
<CFELSE>
<!--- Print result table. --->
<TABLE BORDER=1>
<TR>
<CFLOOP INDEX="ColName" LIST=#SQLQUERY.ColumnList#>
<CFOUTPUT><TD><SPAN STYLE="color:blue">#ColName#</SPAN></TD></CFOUTPUT>
</CFLOOP>
</TR>
<CFLOOP QUERY="SQLQUERY">
<TR>
<CFLOOP INDEX="ColName" LIST=#SQLQUERY.ColumnList#>
<CFOUTPUT><TD>#EVALUATE("SQLQUERY.#ColName#")#</CFOUTPUT>
</CFLOOP>
</CFLOOP>
</TABLE>
</CFIF>
</CFIF>
</CFIF>
</BODY>
</HTML>