sql – 如何在ORDER BY子句中使用cfqueryparam？

在这种情况下,我试图允许用户动态控制ORDER BY子句.

<cfquery datasource="MyDSN" name="qIncidents">
  SELECT IncidentID,AnimalID,IntakeDate,DxDate,OutcomeDate
  FROM Incidents
  WHERE ShelterID = <cfqueryparam cfsqltype="cf_sql_integer" value="#Arguments.ShelterID#">
  ORDER BY <cfqueryparam cfsqltype="cf_sql_varchar" value="#SortBy#">
</cfquery>

当我这样做时,我收到以下错误：

The SELECT item identified by the ORDER BY number 1 contains a variable as part of the expression identifying a column position. Variables are only allowed when ordering by an expression referencing a column name.

有关如何安全地做到这一点的任何建议？