Fixed
Details
Details
Assignee
Pothys - MitrahSoft
Pothys - MitrahSoftReporter
Zac Spitzer
Zac SpitzerPriority
New Issue warning screen
Before you create a new Issue, please post to the mailing list first https://dev.lucee.org
Once the issue has been verified, one of the Lucee team will ask you to file an issue
Created 27 February 2022 at 15:50
Updated 23 January 2025 at 17:13
Resolved 14 March 2022 at 14:32
i love being able to pass arrays, but it should be opt in, not auto magical
this behaviour only makes sense for a single use case
i.e. with
WHERE id in (<cfqueryparam...>)
otherwise it generates invalid sql
WHERE id = 1,2
and Lucee has several ways for user input to become arrays
I believe it’s also a minor performance issue, as we don’t need to check if every queryparam is a list or an array
https://github.com/lucee/Lucee/blob/5.3/core/src/main/java/lucee/runtime/tag/util/QueryParamConverter.java#L296