Is CFQueryParam something that can/should be used on INSERT and UPDATE
statements also? Would it improve performance there? Or is it just for
SELECTs?
Thanks,
Evan
> -----Original Message-----
> From: Dave Watts [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, February 01, 2001 9:20 AM
> To: CF-Talk
> Subject: RE: String to Int
>
>
> > > I don't know that I'd make that a blanket recommendation. If
> > > you use CFQUERYPARAM to make a prepared statement, you can't
> > > use CACHEDWITHIN/CACHEDAFTER with your CFQUERY tags. You'll
> > > want to determine which is more appropriate in a given case.
> > >
> > > In any case, you'll get better performance using stored
> > > procedures with SQL Server than you will with CFQUERYPARAM;
> > > Oracle, on the other hand, gets more out of prepared statements
> > > and less out of SPs than SQL Server does.
> >
> > True, but using CFQueryParam is a lot more secure than using
> > just Val()
>
> How so? If your concern is that the value passed may not be numeric, both
> will do the same thing. The only difference is that CFQUERYPARAM may also
> improve database processing performance.
>
> Dave Watts, CTO, Fig Leaf Software
> http://www.figleaf.com/
> voice: (202) 797-5496
> fax: (202) 797-5444
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
