Nope, CFQUERYPARAM is a super great tag, it has many pluses, but the interesting one is that it boosts performance on queries. It's kinda in between not using stored procedures and stored procedures ... it allows the database server to prefigure-out the query so it doesn't have to do it over and over ... thus a performance boost ... there are also some security reasons to use it.

Paul Giesenhagen
QuillDesign

----- Original Message -----
From: "Chad Gray" <[EMAIL PROTECTED]>
To: "CF-Talk" <[EMAIL PROTECTED]>
Sent: Thursday, August 01, 2002 4:35 PM
Subject: RE: watching a form for illegal SQL characters

> Is that a new tag? I see it mentioned a few times and I have never used
> it. I will start reading. :)
>
> -----Original Message-----
> From: Jochem van Dieten [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, August 01, 2002 4:30 PM
> To: CF-Talk
> Subject: Re: watching a form for illegal SQL characters
>
> Chad Gray wrote:
> > Can anyone recommend a good way to filter " ' etc out of forms so on the
> > action page the SQL does not crash?
>
> cfqueryparam
>
> Jochem
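
What the cfqueryparam suggestion in this thread looks like on a form's action page, as an added example that is not code from any poster on the list. The datasource `myDSN`, the `customers` table and the form field names are hypothetical.

```cfml
<!--- Added example: datasource, table and form field names are hypothetical. --->
<cfparam name="form.customerId" default="">
<cfparam name="form.lastName" default="">

<!--- BEFORE (kept commented out): the form values are pasted into the SQL
      text, so the database parses whatever the user typed as part of the
      statement. The unquoted numeric field is the weakest spot.

<cfquery name="qBefore" datasource="myDSN">
    SELECT customer_id, last_name
    FROM customers
    WHERE customer_id = #form.customerId#
      AND last_name = '#form.lastName#'
</cfquery>
--->

<!--- AFTER: each value is sent as a bound parameter, separate from the SQL
      text. Quotes in last_name (O'Brien) are plain data, and the statement
      text is identical on every request, so the database can reuse its
      prepared plan, which is the performance point made above. --->
<cftry>
    <cfquery name="qCustomer" datasource="myDSN">
        SELECT customer_id, last_name
        FROM customers
        WHERE customer_id = <cfqueryparam value="#form.customerId#"
                                          cfsqltype="CF_SQL_INTEGER">
          AND last_name = <cfqueryparam value="#form.lastName#"
                                        cfsqltype="CF_SQL_VARCHAR"
                                        maxlength="50">
    </cfquery>

    <cfoutput>#qCustomer.recordCount# matching customer(s).</cfoutput>

    <!--- cfqueryparam checks the value against cfsqltype and maxlength
          before the query runs; a non-numeric customerId or an over-long
          name raises an error here instead of reaching the database. --->
    <cfcatch type="any">
        <cfoutput>The submitted values were not valid.</cfoutput>
        <cfabort>
    </cfcatch>
</cftry>
```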

