Gordon Messmer wrote: > Alessandro Vesely wrote: >> >> On the other hand, we cannot guarantee that prepared statements work >> in *all* cases. > > Why not?
Some forms of queries don't work. E.g. you cannot have parameters markers on bot sides of an comparison, as in "WHERE ? = ?", for mysql_stmt_prepare() wouldn't be able to infer operand types; and you cannot append a further statement, separated with a semicolon. I also read something obscure about stored procedures. That's in addition to quoting: "WHERE '$(local_part)' = ..." works when interpreted, while "WHERE $(local_part) = ..." works when prepared (as "WHERE ? = ...".) The patch does not work even with innocent question marks, like e.g. MYSQL_NAME_FIELD = IFNULL(user_name, 'uh?'). That's just laziness, and can be amended... ------------------------------------------------------------------------- This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone _______________________________________________ courier-users mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
