Description of the cfqueryparam tag
`<cfqueryparam>` is a ColdFusion tag that is used to parameterize values that are used in the `<cfquery>` tag.
Some of the benefits of using the `<cfqueryparam>` tag include:
- All special characters are escaped
- Protection against SQL injection attacks.
- While ColdFusion is not strongly typed, SQL is. The CFSQLTYPE attribute converts the ColdFusion variables to the proper SQL type
- NULLs can be handled separately from blank strings
- ColdFusion lists can be converted for use in SQL Select IN statements
- SQL can make better use of query plans
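
The benefits listed above, shown as an added example (not part of the original tag description): an unparameterized query beside the `<cfqueryparam>` forms for typed values, NULLs and IN lists. The datasource `exampleDsn`, the `users` table with its columns, and the variable names are assumptions.

```cfml
<!--- Constructed sample inputs; in a real page these would arrive via URL or FORM scope --->
<cfset userId = "42">
<cfset middleName = "">
<cfset deptIds = "3,7,12">

<!--- Unparameterized: the value becomes part of the SQL text. If userId held
      "42 OR 1=1" the WHERE clause would match every row. --->
<cfquery name="unsafeUser" datasource="exampleDsn">
    SELECT id, name
    FROM users
    WHERE id = #userId#
</cfquery>

<!--- Parameterized: the value is sent as a bound integer. A non-integer value
      fails ColdFusion's type validation and raises an error before the
      statement reaches the database. --->
<cfquery name="safeUser" datasource="exampleDsn">
    SELECT id, name
    FROM users
    WHERE id = <cfqueryparam value="#userId#" cfsqltype="cf_sql_integer">
</cfquery>

<!--- NULL handling: an empty string is stored as NULL, not as '' --->
<cfquery datasource="exampleDsn">
    UPDATE users
    SET middle_name = <cfqueryparam value="#middleName#"
                                    cfsqltype="cf_sql_varchar"
                                    null="#NOT len(trim(middleName))#">
    WHERE id = <cfqueryparam value="#userId#" cfsqltype="cf_sql_integer">
</cfquery>

<!--- List handling: each list element becomes its own bound integer parameter --->
<cfquery name="deptUsers" datasource="exampleDsn">
    SELECT id, name
    FROM users
    WHERE dept_id IN (<cfqueryparam value="#deptIds#"
                                    cfsqltype="cf_sql_integer"
                                    list="true">)
</cfquery>
```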
For more details
https://helpx.adobe.com/coldfusion/cfml-reference/coldfusion-tags/tags-p-q/cfqueryparam.html
For cfscript equivalent
Also see