I'm trying to determine if cfqueryparam is really worth using. For data validation, we tend to do something like this:

SELECT username FROM user where userID = #int(URL.userID)#

The nice thing about this is that if "URL.userID" isn't an integer, int() returns 0, and the query executes and simply returns no records. For us, this is far preferable to what cfqueryparam would do, which is to bomb before executing the query.

Then today I discovered that cfqueryparam supports bind variables, which theoretically will improve database performance. So now the question is: how much does it improve performance? Am I really going to notice it? Should I really switch my queries over to something like this:

SELECT username FROM user where userID = <cfqueryparam CFSQLType="CF_SQL_INTEGER" value=#int(URL.user_id)#>

Any advice is appreciated.

Thanks,
Ben

Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285964
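
An added example, not part of the original post: one way to keep the "run the query and return no records" behaviour for bad input while still passing the value as a bind variable. The datasource name `myDSN` and the variable `safeUserID` are hypothetical; the table and column names are the ones used in the post.

```cfml
<!--- Added example. "myDSN" is a hypothetical datasource name. --->
<cfparam name="URL.userID" default="">

<!--- Accept only 1 to 9 decimal digits, which always fits a 32-bit integer.
      Anything else (letters, signs, SQL fragments, oversized numbers) is
      mapped to 0, so the query still runs and matches no rows. --->
<cfif REFind("^[0-9]{1,9}$", URL.userID)>
    <cfset safeUserID = URL.userID>
<cfelse>
    <cfset safeUserID = 0>
</cfif>

<cfquery name="getUser" datasource="myDSN">
    SELECT username
    FROM user
    WHERE userID = <cfqueryparam cfsqltype="CF_SQL_INTEGER" value="#safeUserID#">
</cfquery>

<!--- The value reaches the database as a typed parameter, never as SQL text,
      so the statement text is identical on every request. --->
<cfif getUser.recordCount EQ 0>
    <cfoutput>No matching user.</cfoutput>
<cfelse>
    <cfoutput>#HTMLEditFormat(getUser.username)#</cfoutput>
</cfif>
```

Because the input is normalised before it reaches cfqueryparam, the tag's own type check never fails at request time, and it remains in place as a second layer if the normalisation step is ever removed.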

