On IRC, @apollo13 asked some very good questions about the lifecycle of
prepared statements. I would like to elaborate.
Prepared statements usually live on the server, in the context of a session --
which, for Django, means they're only valid in the thread where they were
built; without persistent connections, this would mean "only valid during the
processing of one request", but even with them, connections are sometimes
dropped. So, prepared statement objects cannot really be long-lived and reused
across requests.
So, I suspect the API:
> ps = MyModel.objects.filter(foo__lt=Param('a')).prepare()
Has good chances to become a mini-footgun -- it all-but tells users "prepare
me once, use me forever", but you really can't do that. It will pass tests
(run in a single thread over a single connection), and crash in production --
unless a prepared statement can somehow be aware of the connection state, and
take some measures (I don't currently see which) against it.
The main benefit of prepared statements comes when you can prepare them once
then use them many times (with different parameters); but this is very atypical
for Django apps (within a single request). I think if we want this feature, we
should "brand" its API as something for special uses, and give the right hints
about its link to the database session -- so, something like
qset = MyModel.objects.filter(foo__lt=Param('a'))
ps = connection.prepare(qset)
or maybe even
ps = connection.cursor().prepare(qset)
and also for execution:
results = cursor.execute(ps, a=7)
My 2 cents,
Shai.
--
You received this message because you are subscribed to the Google Groups
"Django developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/django-developers.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-developers/201403252136.50615.shai%40platonix.com.
For more options, visit https://groups.google.com/d/optout.
