> See thats why you are a fool ... Calling Jochem a fool is not only unwarranted, but so far off the mark I don't know where to begin. Suffice it to say we need more fools like that.
> Now thats also one reason I made the coment on cfqueryparam, > if I control the information that is going into the > cffunction and the conditons no matter where they come from > are controled before the query occurs, I do not need to use > cfqueryparm. But as I stated earlier, people still use it > under the premise that the function will only accept a > numeric value, and the argument is type as numeric if > anything else is passed in its going to fail anyway, but > these people still play it safe and follow best practice and > use the cfqueryparam. It appears to me that you fundamentally misunderstand what CFQUERYPARAM does, and why exactly you should use it. CFQUERYPARAM does something that you can't otherwise do from within CF code - it lets you separate data values from executable SQL code. Type-checking your variables is not a substitute for this, because you would still end up with a single string of SQL with your embedded value in it. > Now as I said and as Sean stated on its own its not a threat > to anything, but as I also stated I can't assume on how > another programmer might use this, or even how my > requirements might change and if you can be absolutly 100% > sure that that variable set will never enter a race condition > and I mean that another thread can't be running at the same > time that could be influenced by this variable then don lock > it, but if you can't be 100% sure then lock it and be safe > about it. There are plenty of cases where you can be 100% sure, either that there won't be a race condition or that the outcome of a race condition won't matter. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! This email has been processed by SmoothZap - www.smoothwall.net ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Create robust enterprise, web RIAs. Upgrade & integrate Adobe Coldfusion MX7 with Flex 2 http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJP Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275276 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
