There is a theoretical performance gain, because the DB server can cache they query plan, and just plug in differing values for different queries. However, the more important benefit is SQL injection protection.
To my knowledge the behaviour hasn't changed between 5 and 7, but I could be wrong. Have to check the docs to be sure. cheers, barneyb On 2/13/06, Duncan <[EMAIL PROTECTED]> wrote: > What is the difference of doing this: > > <cfif getClient.saveAsUnicode eq 1>N</cfif>'#address#', > > over this: > > <cfqueryparam value="#address#" cfsqltype="cf_sql_varchar"> > > Is there a performance gain? > How does CF handle this differently? > Does cfqueryparam behave the same in 5,6 and 7? > Does SQL do anything differently? > > Any general points would also be grateful. > > I am just trying to understand the differences better - I know > everyone goes around saying you must use cfqueryparam beacuse its > better, security etc etc. So I am just trying to validate this a bit. > > -- > Duncan I Loxton -- Barney Boisvert [EMAIL PROTECTED] 360.319.6145 http://www.barneyb.com/ Got Gmail? I have 100 invites. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Message: http://www.houseoffusion.com/lists.cfm/link=i:4:232158 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
