If you have a form that gathers an element where the user can enter several items separated by commas, coldfusion gives you a couple of ways to deal with the sql statement. In older versions you might loop through the formelement.values. But in CF8 forward you can use CFQueryParam with the LIST=”yes” attribute.
Example
FormElement Favorite_fruits [apples,oranges,pears]
SQL -- Who else likes your favorite foods?
select people from favorite_foods_table
where favorite_fruits in (<cfqueryparam value="#favorite_fruits#" list="yes" />)
You may also need to deal with spaces between fruits by using character replacement. In this case I get rid of all spaces.
<cfqueryparam value="#rereplace(favorite_fruits, ' ', '','ALL')#" list="yes" />
