Cfqueryparam has 2 purposes, to paramatise the params which adds your injection security and to create a prepared statement for better execution plan. It seems the execution plan is where u need to look for problems. But a workaround would be to use cfparam outside the cfquery instead if cfqueryparam, which would do the same job as far as sql injection protection from paramatisation goes.
Regards Russ Michaels >From my mobile On 25 Apr 2012 20:37, "Christopher Watson" <[email protected]> wrote: > > Actually, the prolonged execution times are for simple tables where the > proper indexing has been in place. > > For assessment purposes, we have removed the <cfqueryparam> tags from that > set of queries in our processes that manipulate the tables on which we are > seeing the degradation in the profiler. We will look at the profiler data > again in the morning to see if any of the same prolonged execution times > exist. If not, then we'll stick with no <cfqueryparam> tags, since this is > all related to tables and column data types and values where we have > complete internalized control, and there really is no compelling reason to > have the <cfqueryparam> tags in there. We'd LIKE to have them in there > anyway, because of the other benefits realized. But if using them causes > this degradation, and removing them does not, we'll opt for the latter. > > > It could be that you are not indexing the columns you're using > > variable data to search on. > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:350838 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
