tracker issue : CF-4126711

select a category, or use search below
(searches all categories and all time range)
Title:

Enhancement Request: CFQuery Analyzer

| View in Tracker

Status/Resolution/Reason: Closed/Won't Fix/

Reporter/Name(from Bugbase): Travis Walters / Travis Walters (Travis Walters)

Created: 03/09/2016

Components: Security Analyzer

Versions: 2016

Failure Type: Unspecified

Found In Build/Fixed In Build: Alpha_v31 /

Priority/Frequency: Trivial / Unknown

Locale/System: English / Win All

Vote Count: 0

I love the "Security Analyzer" and it sort of gave me an idea for a new feature in Blizzard - a "CFQuery Analyzer" to find common performance pitfalls.

#1 - I have seen some inexperienced ColdFusion programming code where the programmer used SELECT * instead of selecting only the columns that are actually needed. The analyzer could return chunks of code (page name, line number, cfquery name) where there are SELECT * statements.

#2 - We could encourage programmers to use the "maxrows" parameter in cfquery statements instead of SELECT TOP 100 or other database dependent row-limiting operations.

#3 - It is already in the "Security Analyzer" but if the programmer is not using cfqueryparam and should be, show a warning here as well.

#4 - If a server is defined in Blizzard, perhaps Bilzzard could interact with the server and the cfdbinfo tag to analyze the tables being used in those cfquery statements. Check to see if there is a primary key, indexes, etc defined.

#5 - If a cfquery is found that includes sql in the form of update or insert into and the cfquery is within some sort of cfloop, then perhaps there is a way to update multiple records at once, etc

#6 - Check to make sure cfquery tag sql statements use table names (and perhaps even schemas) along with the column names like select schema.table.column1 from schema.table, etc

I am sure there are other ways to improve cfquery performance and usage so please feel free to add on.

----------------------------- Additional Watson Details -----------------------------

Watson Bug ID:	4126711

External Customer Info:
External Company:  
External Customer Name: Travis Walters
External Customer Email: TWALTERS84@HOTMAIL.COM
External Test Config:

Attachments:

Comments:

Adding BUG AUDIT TRAIL ********action: updated fieldName: State newValue: Closed oldValue: Open oprid: rukumar recordName: RQ_DEFECT timpestamp: 2015-08-18 14:44:58.0 action: updated fieldName: Status newValue: NeverFix oldValue: NeedsReview oprid: rukumar recordName: RQ_DEFECT timpestamp: 2015-08-18 14:44:58.0 action: updated fieldName: Reason newValue: Blank oldValue: Blank oprid: rukumar recordName: RQ_DEFECT timpestamp: 2015-08-18 14:44:58.0 action: updated fieldName: Date Closed newValue: 2015-08-18 07:44:57.0 oldValue: Blank oprid: rukumar recordName: RQ_DEFECT timpestamp: 2015-08-18 14:44:58.0 action: updated fieldName: Closed By newValue: rukumar oldValue: Blank oprid: rukumar recordName: RQ_DEFECT timpestamp: 2015-08-18 14:44:58.0 action: updated fieldName: Owner newValue: Blank oldValue: rukumar oprid: rukumar recordName: RQ_DEFECT timpestamp: 2015-08-18 14:44:58.0 action: updated fieldName: Owner newValue: rukumar oldValue: preethi oprid: preethi recordName: RQ_DEFECT timpestamp: 2015-07-31 05:41:28.0 action: updated fieldName: Reason newValue: Blank oldValue: Blank oprid: preethi recordName: RQ_DEFECT timpestamp: 2015-07-31 05:41:28.0 action: updated fieldName: Dev Assigned newValue: rakshith oldValue: uogra oprid: preethi recordName: RQ_DEFECT timpestamp: 2015-07-31 05:41:28.0 action: updated fieldName: Status newValue: NeedsReview oldValue: Unverified oprid: preethi recordName: RQ_DEFECT timpestamp: 2015-07-31 05:41:28.0 action: updated fieldName: Fix By Product Milestone newValue: Blank oldValue: Blank oprid: prk recordName: RQ_DEFECT timpestamp: 2015-07-23 05:49:47.0 action: updated fieldName: Dev Assigned newValue: uogra oldValue: sandeepp oprid: prk recordName: RQ_DEFECT timpestamp: 2015-07-23 05:49:47.0 action: updated fieldName: Product newValue: ColdFusion oldValue: ColdFusion Builder oprid: prk recordName: RQ_DEFECT timpestamp: 2015-07-23 05:49:47.0 action: updated fieldName: Version newValue: 12.0 oldValue: 3.1 oprid: prk recordName: RQ_DEFECT timpestamp: 2015-07-23 05:49:47.0 action: updated fieldName: QE Assigned newValue: preethi oldValue: prk oprid: prk recordName: RQ_DEFECT timpestamp: 2015-07-23 05:49:47.0 action: updated fieldName: Owner newValue: preethi oldValue: prk oprid: prk recordName: RQ_DEFECT timpestamp: 2015-07-23 05:49:47.0
Comment by CFwatson U.
3431 | March 09, 2016 04:44:33 AM GMT
Added By: PreRelease User User Name:Travis Walters Note Added: Entered Feature. Date Added :2015-07-15 13:29:39.0
Comment by CFwatson U.
3432 | March 09, 2016 04:44:34 AM GMT