Hi

In keeping with the theme of Performance Tuesday, I thought I'd ask a
question about a particular implementation aspect since it potentially
relates to performance.

My question is: we don't appear to be using SQL prepared statements when
accessing the database; why is this? Given the amount of SQL being
executed, there's potentially a significant performance gain to be had,
not to mention the reduced potential for SQL injection type attacks on
the system. Having come from an Oracle background, using prepared
statements is a no-brainer for me. Perhaps there's a Python/Postgres
issue I'm not aware of?

Thanks for any insight.

_______________________________________________
Mailing list: https://launchpad.net/~launchpad-dev
Post to     : [email protected]
Unsubscribe : https://launchpad.net/~launchpad-dev
More help   : https://help.launchpad.net/ListHelp
