> OK, I must have something wrong here. I've only heard good > things about cfqueryparam on this list for both security and > performance. A client sent me an ugly report that times out > for them. I spent an hour going through it and applying > cfqueryparams to each variable in the many queries with > appropriate datatypes. I threw a cfsetting tag in to increase > the request timeout and the report runs in roughly about > 512687 ms, restarted MSSQL server and CFMX7, then with the > cfqueryparams the same query that was running in 5282ms in > the old code, now takes 15094ms.
Those good things are somewhat general - I've seen several cases where using CFQUERYPARAM decreases performance, and many more where the performance gain is negligible. If you need it for security reasons, though, you should probably just keep it. You might want to take a look at your query execution plan, and see what's different when using a prepared statement. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Create robust enterprise, web RIAs. Upgrade & integrate Adobe Coldfusion MX7 with Flex 2 http://ad.doubleclick.net/clk;56760587;14748456;a?http://www.adobe.com/products/coldfusion/flex2/?sdid=LVNU Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:265233 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
