Best Pratices for using Firedac


Is there a more secure way to pass parameters to a query?


    TFDQuery(Qry).SQL.Add('select * from table where id= :id');
    // option 1
    TFDQuery(Qry).Parambyname('id').AsFloat := valueFloat;
    //or  option 2
   TFDQuery(Qry).Parambyname('id').AsValue := valueFloat;
   // or option 3
   TFDQuery(Qry).ParamByName(‘id’).DataType := ftFloat;
   TFDQuery(Qry).Parambyname('id').AsFloat := valueFloat; 
   //or option 4
  // id in bd is Float
  TFDQuery(Qry).Parambyname('id').AsString := valueString; 

 Performance question, any of these ways of changing using Firedac?



Responses (1)
  • Accepted Answer

    Sunday, March 19 2017, 02:38 PM - #Permalink

    My assumption is that is the secure way to do it. Other languages handle it in a similar fashion.

    The reply is currently minimized Show
Your Reply

Please login to post a reply.........