James,
Not sure about the join fashion trend (I use the WHERE clause), but I'm pretty sure using cfqueryparam increases query speeds and improves security (from unautorised users:
cfqueryparam
Verifies the data type of a query parameter and, for DBMSs that support bind variables, enables
James Smith wrote:
FROM table1 x JOIN table2 y ON x.ID = y.ID
FROMtable1 x, table2 y
WHERE x.ID = y.ID
This has the added benefit of taking the place of the 'WHERE 0=0' line we
recently discussed.What are the benefits of one form of inner join over
the other or is it just today's SQL
Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Wednesday, June 16, 2004 6:53 AM
To: CF-Talk
Subject: RE: SQL query style (WAS: SQL search query)
James,
Not sure about the join fashion trend (I use the WHERE clause),
but I'm pretty sure using cfqueryparam increases
OK, if it improves performance it is worth using, but I am not sure what the
requirement for verifying the data type is, almost all queries that use a
variable are using one that you as the programmer have passed to it and
therefore have control of its verification before it ever gets to the
James Smith wrote:
OK, if it improves performance it is worth using, but I am not sure what the
requirement for verifying the data type is, almost all queries that use a
variable are using one that you as the programmer have passed to it and
therefore have control of its verification before
OK, if it improves performance it is worth using, but I am not sure what
the
requirement for verifying the data type is, almost all queries that use
a
variable are using one that you as the programmer have passed to it and
therefore have control of its verification before it ever gets to
SQL.For more info, check out this article:
http://www.macromedia.com/devnet/mx/coldfusion/articles/cfqueryparam.htm
l
-Joe
-Original Message-
From: James Smith [mailto:[EMAIL PROTECTED]
Sent: Wednesday, June 16, 2004 8:01 AM
To: CF-Talk
Subject: RE: SQL query style (WAS: SQL
James Smith wrote:
And you think the average cfform and cfinput tag is sufficient? I
don't.
OK, but even if the wrong data type is supplied to the query what will
happen, you will get an error.
No. You will get a different SQL statement executed as you
intended to be executed.
If the
On Wed, 16 Jun 2004 08:06:16 -0400, Joe Rinehart wrote:
CFQUERYPARAM does provide a layer of typing that running a basic query
misses.For instance, if you have this query:
SELECT firstname, lastname FROM employees WHERE employeeId =
#url.employeeId#
and I change the value of
Thanks to Joe and Philip for helpful, explanatory answers.Jochem, you must
have got out of bed on the wrong side today because you are normally very
helpful on this list, today, not so much.
I will be using CFQUERYPARAM from today.
--
Jay
[Todays Threads]
[This Message]
[Subscription]
Was trying to be nice.We all know command line access is only one
stored procedure away :).
-joe
-Original Message-
From: Philip Arnold [mailto:[EMAIL PROTECTED]
Sent: Wednesday, June 16, 2004 8:14 AM
To: CF-Talk
Subject: Re: SQL query style (WAS: SQL search query)
On Wed
I agree in theory, but you can't use it with cached queries.
You should ALWAYS use CFQUERYPARM on EVERY query, no matter what
[Todays Threads]
[This Message]
[Subscription]
[Fast Unsubscribe]
[User Settings]
[Donations and Support]
= '#form.fullname#'/cfquery
-Joe
-Original Message-
From: Pascal Peters [mailto:[EMAIL PROTECTED]
Sent: Wednesday, June 16, 2004 8:27 AM
To: CF-Talk
Subject: RE: SQL query style (WAS: SQL search query)
I agree in theory, but you can't use it with cached queries.
You should ALWAYS use
On Wed, 16 Jun 2004 14:27:24 +0200, Pascal Peters wrote:
You should ALWAYS use CFQUERYPARM on EVERY query, no matter what
I agree in theory, but you can't use it with cached queries.
Store the queries in a persistant scope, such as Application - it's
simple enough and gives you just as
Pascal Peters wrote:
I agree in theory, but you can't use it with cached queries.
So tell Macromedia to fix cfqueryparam:
http://www.macromedia.com/go/wish/
Jochem
[Todays Threads]
[This Message]
[Subscription]
[Fast Unsubscribe]
[User Settings]
[Donations and Support]
2004 13:47
To: CF-Talk
Subject: Re: SQL query style (WAS: SQL search query)
On Wed, 16 Jun 2004 14:27:24 +0200, Pascal Peters wrote:
You should ALWAYS use CFQUERYPARM on EVERY query, no matter what
I agree in theory, but you can't use it with cached queries.
Store the queries
QUOTEMacromedia recommends that you use the cfqueryparam
tag within every cfquery tag, to help secure your databases
from unauthorized users./QUOTE
Macromedia clearly think it is relevant, would you care to
elaborate on why you think it isn't?
They're using the phrase unauthorized users
While we are on the subject I have noticed recently that more
and ore people are joining tables using the...
FROM table1 x JOIN table2 y ON x.ID = y.ID
And I am wondering if there is a reason for this.Sure I use
this syntax for my outer joins but inner joins I still do the
old
for instance?
Robert O.
-Original Message-
From: Dave Watts [mailto:[EMAIL PROTECTED]
Sent: Wednesday, June 16, 2004 12:59 PM
To: CF-Talk
Subject: RE: SQL query style (WAS: SQL search query)
While we are on the subject I have noticed recently that more
and ore people are joining tables
19 matches
Mail list logo
