> Personally, I see no reason for a CFQUERYPARAM being used > inside a CFC. It adds extra overhead and the protection that > it provides should be provided instead by the CFARGUMENT tag. > Does anyone see a reason for it in such a case? Data binding?
How exactly would you provide the requisite protection with the CFARGUMENT tag? CFARGUMENT lets me limit input to, say, a string. It doesn't let me tell the database that the string is just data, which is what CFQUERYPARAM does. In addition, using CFQUERYPARAM to build prepared statements generally improves performance. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Discover CFTicket - The leading ColdFusion Help Desk and Trouble Ticket application http://www.houseoffusion.com/banners/view.cfm?bannerid=48 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:194816 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
