> WOW! Thanks for all the feedback! One question > about CFQUERYPARAM, I use this when I accept anything > that is available to the general public, but is it > necessary to use this when the form is only accessible > via username/password?
I would use it regardless of who is going to be hitting those queries. You never know when some nefarious person is going to break into an admin account and start probing around. > Is there ever a reason not to use CFQUERYPARAM? Before ColdFusion 8 was released, you could not use CFQUERYPARAM in conjunction with a cached query. CF8 now allows that (yea!). -Justin ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:323311 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
