Oh no, I agree (the null is my fav of cfqueryparam). This was just a case of inheriting a large pile of code w/o cfqueryparams and the guy used '#quotedvars#' for his strings (and IDs for the matter) and me wanting to feel better about not trying to convert it all over... :)
On 8/8/07, Bryan Stevenson <[EMAIL PROTECTED]> wrote: > OK....let's all agree to disagree about added security from CFQUERYPARAM (even > though it does add security...na na na boo boo) ;-) > > Just remember it also: > -allows for additional maxlength validation (beyond your form inputs) > -uses BIND vars with DBs that support them to speed up queries > -adds additional data type checking (beyond your form validation) > -can insert a NULL in 1 line of code instead of: > <cfif NOT len(trim(MyVar))> > NULL, > <cfelse> > #MyVar# > </cfif> > > So is that about enough said folks...not just for security...can we put this > one > to bed....just use the dang tag and it's all good ;-) > > Cheers > > Bryan Stevenson B.Comm. > VP & Director of E-Commerce Development > Electric Edge Systems Group Inc. > phone: 250.480.0642 > fax: 250.480.1264 > cell: 250.920.8830 > e-mail: [EMAIL PROTECTED] > web: www.electricedgesystems.com > > Notice: > This message, including any attachments, is confidential and may contain > information that is privileged or exempt from disclosure. It is intended > only for the person to whom it is addressed unless expressly authorized > otherwise by the sender. If you are not an authorized recipient, please > notify the sender immediately and permanently destroy all copies of this > message and attachments. > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Enterprise web applications, build robust, secure scalable apps today - Try it now ColdFusion Today ColdFusion 8 beta - Build next generation apps Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285755 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
