I don't think for the case of security that it's required as it may not contain actual DB content or be derived from DB content.
"This e-mail is from Reed Exhibitions (Gateway House, 28 The Quadrant, Richmond, Surrey, TW9 1DN, United Kingdom), a division of Reed Business, Registered in England, Number 678540. It contains information which is confidential and may also be privileged. It is for the exclusive use of the intended recipient(s). If you are not the intended recipient(s) please note that any form of distribution, copying or use of this communication or the information in it is strictly prohibited and may be unlawful. If you have received this communication in error please return it to the sender or call our switchboard on +44 (0) 20 89107910. The opinions expressed within this communication are not necessarily those expressed by Reed Exhibitions." Visit our website at http://www.reedexpo.com -----Original Message----- From: Mary Jo Sminkey To: CF-Talk Sent: Mon Jan 22 19:06:15 2007 Subject: Re: Is <cfqueryparam cfsqltype="cf_sql_varchar" Necessary? >> As a followup to this...is there any reason to use a cfqueryparam in a >> query-of-query? If it's not otherwise needed to prevent SQL injection >> that is? > >Yes, it helps to disambiguate the datatype. For whom, the developer? ColdFusion? I guess I should clarify my question as to whether there is any performance gain (or loss) by using it with a QofQ. MJS ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Upgrade to Adobe ColdFusion MX7 Experience Flex 2 & MX7 integration & create powerful cross-platform RIAs http:http://ad.doubleclick.net/clk;56760587;14748456;a?http://www.adobe.com/products/coldfusion/flex2/?sdid=LVNU Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:267197 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
