Andy Matthews wrote: > > A query has an incoming value which is the result of a previous query: > > WHERE id = #Val(getsite.id)# > > Should something like this be using a cfqueryparam or is it okay to leave as > is?
What happens if getsite does not return any rows? If you have that covered and getsite.id is a numeric type in the database, it is technically OK to leave it in. Performance is another issue. In general, if you want the DB to be able to reuse an execution plan, convert this to a cfqueryparam. If you don't want the database to reuse the execution plan, don't convert it. But without knowing a lot more about the schema and the usage pattern it is a bit hard to say whether execution plan reuse would be a win for you. Jochem ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Create robust enterprise, web RIAs. Upgrade & integrate Adobe Coldfusion MX7 with Flex 2 http://ad.doubleclick.net/clk;56760587;14748456;a?http://www.adobe.com/products/coldfusion/flex2/?sdid=LVNU Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:266033 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4