fix: Replace remaining params=[] in models, views, and event handler

The previous commit fixed controllers only. This catches the remaining
broken params=[] calls in models (LoginAttempt, User, RememberToken,
PasswordReset), views (blog, comments, categories), event handler
(remember-me auth), and BlogController title uniqueness check.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Author: bpamiri

app/controllers/web/BlogController.cfc

@@ -653,15 +653,13 @@ component extends="app.Controllers.Controller" {
             );
 
             if(structKeyExists(form, "title")) {
-                var whereClause = "title = ?";
-                var whereParams = [form.title];
+                var whereClause = "title = '#form.title#'";
 
                 if(structKeyExists(form, "id") && isNumeric(form.id) && form.id > 0) {
-                    whereClause &= " AND id != ?";
-                    arrayAppend(whereParams, form.id);
+                    whereClause &= " AND id != #val(form.id)#";
                 }
 
-                var blogModel = model("Blog").findAll(where=whereClause, params=whereParams);
+                var blogModel = model("Blog").findAll(where=whereClause);
 
                 if(blogModel.recordCount != 0) {
                     renderText('<span class="text-danger">A blog already exists with this title!</span><input type="hidden" id="titleExists" value="1">');
@@ -792,9 +790,8 @@ component extends="app.Controllers.Controller" {
         }
 
         // Fetch all related users at once
-        var authorPlaceholders = repeatString("?,", arrayLen(authorIds));
-        authorPlaceholders = left(authorPlaceholders, len(authorPlaceholders) - 1);
-        authors = model("User").findAll(where="id IN (#authorPlaceholders#)", params=authorIds, returnAs="structs");
+        var authorIdList = arrayToList(authorIds);
+        authors = model("User").findAll(where="id IN (#authorIdList#)", returnAs="structs");
 
         // Map authors by ID for quick lookup
         authorMap = {};

app/events/onrequeststart.cfm

@@ -24,11 +24,11 @@ if (!structKeyExists(session, "userID") && structKeyExists(cookie, "remember_me"
 
         // Look up remember-me record
         var record = model("RememberToken").findOne(
-            where = "token = ? AND expiresAt > ? AND userAgent = ?", params = [hashedToken, now(), cgi.http_user_agent]
+            where = "token = '#hashedToken#' AND expiresAt > '#dateTimeFormat(now(), "yyyy-MM-dd HH:nn:ss")#' AND userAgent = '#cgi.http_user_agent#'"
         );
 
         if (isObject(record)) {
-            var user = model("User").findOne(where="id = ?", params=[record.userId], include="Role");
+            var user = model("User").findOne(where="id = #val(record.userId)#", include="Role");
             if (isObject(user)) {
                 // Rebuild session
                 session.userID = user.id;
@@ -87,13 +87,13 @@ if (!structKeyExists(session, "userID") && structKeyExists(cookie, "remember_me"
             }
         }else{
             var record = model("RememberToken").findOne(
-                where = "token = ?", params = [hashedToken],
+                where = "token = '#hashedToken#'",
                 includeSoftDeletes = true
             );
             if(isObject(record)){
                 // Suspicious activity
                 if (record.userAgent NEQ cgi.http_user_agent) {
-                    model("RememberToken").deleteAll(where="userId = ?", params=[record.userId]);
+                    model("RememberToken").deleteAll(where="userId = #val(record.userId)#");
 
                     model("Log").log(
                         category = "wheels.auth",
@@ -107,7 +107,7 @@ if (!structKeyExists(session, "userID") && structKeyExists(cookie, "remember_me"
                     );
                 }else{
                     // Expired attempt
-                    model("RememberToken").deleteAll(where="userId = ?", params=[record.userId]);
+                    model("RememberToken").deleteAll(where="userId = #val(record.userId)#");
                     model("Log").log(
                         category = "wheels.auth",
                         level = "WARN",

app/models/LoginAttempt.cfc

@@ -51,15 +51,15 @@ component extends="app.Models.Model" {
     // Check if user is locked out (either by failed attempts or admin lock)
     public function isUserLocked(required string email) {
         // First check if user is manually locked by admin
-        var user = model("User").findOne(where="email = ?", params=[arguments.email]);
+        var user = model("User").findOne(where="email = '#arguments.email#'");
         if (!isNull(user) && user.locked) {
             return true;
         }
 
         // Check for automatic lock due to failed attempts within the last 15 minutes
         var cutoff = dateAdd("n", -15, now());
         var attempts = findAll(
-            where="email = ? AND createdAt > ?", params=[arguments.email, cutoff]
+            where="email = '#arguments.email#' AND createdAt > '#dateTimeFormat(cutoff, "yyyy-MM-dd HH:nn:ss")#'"
         );
         return attempts.recordCount >= 3;
     }
@@ -68,7 +68,7 @@ component extends="app.Models.Model" {
     public function getRemainingAttempts(required string email) {
         var cutoff = dateAdd("n", -15, now());
         var attempts = findAll(
-            where="email = ? AND createdAt > ?", params=[arguments.email, cutoff]
+            where="email = '#arguments.email#' AND createdAt > '#dateTimeFormat(cutoff, "yyyy-MM-dd HH:nn:ss")#'"
         );
         return 3 - attempts.recordCount;
     }
@@ -83,6 +83,6 @@ component extends="app.Models.Model" {
 
     // Clear failed attempts for a user
     public function clearFailedAttempts(required string email) {
-        return deleteAll(where="email = ?", params=[arguments.email]);
+        return deleteAll(where="email = '#arguments.email#'");
     }
 } 

app/models/PasswordReset.cfc

@@ -19,7 +19,7 @@ component extends="app.Models.Model" {
     // Find active reset token
     public function findActiveToken(required string token) {
         return findOne(
-            where="token = ? AND expires_at > ? AND used = 0", params=[arguments.token, now()]
+            where="token = '#arguments.token#' AND expiresAt > '#dateTimeFormat(now(), "yyyy-MM-dd HH:nn:ss")#' AND used = 0"
         );
     }
 

app/models/RememberToken.cfc

@@ -75,12 +75,12 @@ component extends="app.Models.Model" {
     // Find token by value
     public function findByToken(required string token) {
         return findOne(
-            where="token = ? AND expires_at > ?", params=[arguments.token, now()]
+            where="token = '#arguments.token#' AND expiresAt > '#dateTimeFormat(now(), "yyyy-MM-dd HH:nn:ss")#'"
         );
     }
 
     // Delete expired tokens
     public function deleteExpiredTokens() {
-        return deleteAll(where="expires_at <= ?", params=[now()]);
+        return deleteAll(where="expiresAt <= '#dateTimeFormat(now(), "yyyy-MM-dd HH:nn:ss")#'");
     }
 } 

app/models/User.cfc

@@ -216,7 +216,7 @@ component extends="app.Models.Model" {
 
     // Check if user has submitted a testimonial
     public function hasSubmittedTestimonial() {
-        testimonial = model("Testimonial").findOne(where="userId = ?", params=[this.id]);
+        testimonial = model("Testimonial").findOne(where="userId = #val(this.id)#");
         return IsObject(testimonial);
     }
 

app/views/admin/AdminController/blog.cfm

@@ -51,7 +51,7 @@
                                     <cfscript>
                                         var categories = model("BlogCategory").findAll(
                                             select = "name",
-                                            where = "blogId = ?", params=[blogs.id[i]],
+                                            where = "blogId = #val(blogs.id[i])#",
                                             include = "Blog,Category"
                                         );
                                         var categoryNames = valueList(categories.name);

app/views/admin/AdminController/comments.cfm

@@ -29,7 +29,7 @@
                                         #left(comments.content[j], 30)#
                                     </a></td>
                                 <td>
-                                    <cfset  parentComment= model("comment").findAll(select="content", where="id = ?", params=[comments.commentParentId[j]])>
+                                    <cfset  parentComment= model("comment").findAll(select="content", where="id = #val(comments.commentParentId[j])#")>
                                     #left(parentComment.content, 30)#
                                 </td>
                                 <td>#comments.FullName[j]#</td>

app/views/admin/AdminController/partials/_blogs.cfm

@@ -48,7 +48,7 @@
                             <cfscript>
                                 var categories = model("BlogCategory").findAll(
                                     select = "name",
-                                    where = "blogId = ?", params=[blogs.id[i]],
+                                    where = "blogId = #val(blogs.id[i])#",
                                     include = "Blog,Category"
                                 );
                                 var categoryNames = valueList(categories.name);

app/views/admin/AdminController/partials/_commentView.cfm

@@ -14,7 +14,7 @@
                     <tr>
                         <th>Parent comment:</th>
                         <td>
-                            <cfset  parentComment= model("comment").findAll(select="content", where="id = ?", params=[comments.commentparentId])>
+                            <cfset  parentComment= model("comment").findAll(select="content", where="id = #val(comments.commentparentId)#")>
                             #left(parentComment.content, 30)#
                         </td>
                     </tr>