Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations IamaSherpa on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

which one is a better practice ?

Status
Not open for further replies.
FALCONSEYE

FALCONSEYE

Programmer
Jul 30, 2004
1,158
US
which one is a better practice?

<cfquery ....>
insert into ...
values (<cfqueryparam value="..." cfsqltype="cf_sql_integer" >
</cfquery>

or

<cfquery ....>
insert into ...
values (#FORM.myId#)
</cfquery>

in other words, is it efficient to use <cfqueryparam> in an insert ? thanks for the help
 
Sort by date Sort by votes
Cfqueryparam offers better securiety and format validation.

We've heard that a million monkeys at a million keyboards could produce the complete works of Shakespeare; now, thanks to the Internet, we know that is not true.
 
Upvote 0 Downvote
Yep, I use cfqueryparam on every query for that exact reason.


Hope This Helps!

ECAR
ECAR Technologies, LLC

"My work is a game, a very serious game." - M.C. Escher
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

oshinwa
  • Locked
  • Question
Which Call collector should I use and which one is compatible with my Ericsson BP250?
Replies
0
Views
390
oshinwa
oshinwa
RBGraphics
  • Locked
  • Question
Adobe Portfolio
Replies
0
Views
390
RBGraphics
RBGraphics
LyndonOHRC
  • Locked
  • Question
Javascript code will not execute if a cfdocument tag is in my document
Replies
1
Views
168
LyndonOHRC
LyndonOHRC
Kjonnnn
  • Locked
  • Question
What is is called when you end a domain with a folder name.
Replies
2
Views
129
Kjonnnn
Kjonnnn
ElizaShteto
  • Locked
  • Question
Split One Page in two separate Pages in Framemaker 11
Replies
0
Views
108
ElizaShteto
ElizaShteto

Part and Inventory Search

Sponsor

Back
Top