Hi, I'm an Italian boy who is trying to use CF using helm..... .....I've a problem with an SQL operation and I need help. I hope you can help me. The query is:
<cfquery datasource="fantabasket" name="sel"> SELECT users.simbolo, Users.squadra, Classifica.punti, Classifica.pgioc, Classifica.pv, Classifica.pp, Classifica.ptot FROM Classifica INNER JOIN Users ON Classifica.id_users = Users.id_users ORDER BY Classifica.punti DESC , Classifica.ptot DESC </cfquery> Helm give me this error (the attached file): do you know why? Tanks for all Samuele Spinelli ----- Original Message ----- From: "Steve Martin" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, November 12, 2003 10:07 AM Subject: RE: [ cf-dev ] Use of <cfqueryparam> CFQUERYPARAM parameterises the SQL in that irrespective of the variable values being used in the query, the actual SQL query is the same in every execution with the parameters being passed in seperately. This allows the RDBMS to precompile & cache execution plans once for the general query template as opposed to each time a subtley different query is submitted. Oh, and it also prevents SQL injection hacking as a useful side effect. Steve > -----Original Message----- > From: Terry Riley [mailto:[EMAIL PROTECTED] > Sent: 11 November 2003 13:30 > To: [EMAIL PROTECTED] > Subject: [ cf-dev ] Use of <cfqueryparam> > > > I've seen a lot of code lately where the query (either extracting, > inserting or updating information) uses the > > <cfqueryparam value="#xxx#"> in the WHERE clause, without > qualifying the > parameter with a cfsqltype. > > I can understand the use of the cfqueryparam with a cfsqltype > and other > attributes as one way of preventing cross-site scripting (adding > additional text to the string to do something evil), but see > no point in > using > > 'WHERE ID = <cfqueryparam value="#url.ID#">' > > as opposed to > > 'WHERE ID = "#url.ID#"' > > Is there one? Is it faster? Manuals and googles don't seem to > come up with > an answer..... > > Cheers > Terry > > -- > ** Archive: http://www.mail-archive.com/dev%40lists.cfdeveloper.co.uk/ > > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > For human help, e-mail: [EMAIL PROTECTED] > > -- ** Archive: http://www.mail-archive.com/dev%40lists.cfdeveloper.co.uk/ To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] For human help, e-mail: [EMAIL PROTECTED]
-- ** Archive: http://www.mail-archive.com/dev%40lists.cfdeveloper.co.uk/ To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] For human help, e-mail: [EMAIL PROTECTED]
