>- see footer for list info -< Aidan, > Is there any point in using cfqueryparam in updates, > inserts and deletes? Do RDBMSs create execution plans > for them?
Some DBMSs use what are called "bind parameters" -- basically it compiles the query so it executes faster on future calls. <cfqueryparam> makes use of this functionality for DBMSs that support it. Things like Oracle (and I think SQL Server) do, whereas MySQL currently doesn't.. But even if you're using MySQL, it's still worth using them as a security measure -- <cfqueryparam> will make sure any information passed to the DB in the SQL statement is correctly formatted (e.g. escaping necessaru characters etc) and so help against possible SQL injection attacksl. Also, by using the cfsqltype="" argument will check that what you're actually passing in the value="" argument is valid for the data type. *All* my queries through CF are performed using <cfqueryparam>. Tim. -- ------------------------------------------------------- Badpen Tech - CF and web-tech: http://tech.badpen.com/ ------------------------------------------------------- RAWNET LTD - independent digital media agency "We are big, we are funny and we are clever!" New site launched at http://www.rawnet.com/ ------------------------------------------------------- This message may contain information which is legally privileged and/or confidential. If you are not the intended recipient, you are hereby notified that any unauthorised disclosure, copying, distribution or use of this information is strictly prohibited. Such notification notwithstanding, any comments, opinions, information or conclusions expressed in this message are those of the originator, not of rawnet limited, unless otherwise explicitly and independently indicated by an authorised representative of rawnet limited. ------------------------------------------------------- _______________________________________________ For details on ALL mailing lists and for joining or leaving lists, go to http://list.cfdeveloper.co.uk/mailman/listinfo -- CFDeveloper Sponsors:- >- Hosting provided by www.cfmxhosting.co.uk -< >- Forum provided by www.fusetalk.com -< >- DHTML Menus provided by www.APYCOM.com -< >- Lists hosted by www.Gradwell.com -< >- CFdeveloper is run by Russ Michaels, feel free to volunteer your help -<
