Rick Root wrote: > I always thought of <cfqueryparam> as primarily a security tag to help > avoid SQL injection. Honestly, I now think that's really a secondary > purpose. It's all about performance! > > We have a table with email addresses for some 80,000 alumni here at > Duke. When I do an email search without using cfqueryparam against our > DB2 mainframe, it takes about 2500ms to return... if I do another > lookup, it takes another 2500ms. > > However, if I use a bind variable, the first takes 2500ms, and then the > second only takes about 500ms.
Yup, that's because it creates prepared statements so it's got the execution plan cached. For next time. All you have to do is fill in the gaps, and Bob's your father's brother. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Logware (www.logware.us): a new and convenient web-based time tracking application. Start tracking and documenting hours spent on a project or with a client with Logware today. Try it for free with a 15 day trial account. http://www.houseoffusion.com/banners/view.cfm?bannerid=67 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:195304 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
