> Should I really switch my queries over to something like this: > > SELECT username > FROM user > where userID = <cfqueryparam CFSQLType="CF_SQL_INTEGER" > value=#int(URL.user_id)#> I would do without the Int part, myself, and just catch the appropriate Exception. That's what exceptions are for! Wouldn't it be better to validate the URL.user_id before getting to the query? -Randy -------Original Message------- From: Dave Watts Date: 08/10/07 12:28:08 To: CF-Talk Subject: RE: Is cfqueryparam worth it? > the nice thing about this is that if "URL.userID" isn't an > integer, int() returns 0, and the query executes and simply > returns no records. For us, this is a far preferable method > than what cfqueryparam would do, which is to bomb before > executing the query. You'd rather run a query unnecessarily than avoid running the query? Why not just catch the exception? > Then today I discovered that cfqueryparam supports bind > variables, which theoretically will improve database > performance. So now the question is: how much does it > improve performance? Am I really going to notice it? In some cases, you'll see significant performance increases. In other cases, you won't. In still other cases, you may see performance degradation. All that said, I'd recommend that you use it in every case, because it will generally provide better performance in most cases. > Should I really switch my queries over to something like this: > > SELECT username > FROM user > where userID = <cfqueryparam CFSQLType="CF_SQL_INTEGER" > value=#int(URL.user_id)#> I would do without the Int part, myself, and just catch the appropriate exception. That's what exceptions are for! Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! This email has been processed by SmoothZap - www.smoothwall.net
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Enterprise web applications, build robust, secure scalable apps today - Try it now ColdFusion Today ColdFusion 8 beta - Build next generation apps Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:287155 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
