Lukas Kahwe Smith wrote:
Martijn van Oosterhout wrote:
On Thu, Aug 31, 2006 at 11:27:18AM -0400, Tom Lane wrote:
I'd wish that we reconsider when and how prepared statements are used. The JDBC interface and PL/pgSQL are frequently noticed perpetrators, but the problem is really all over the place.
AFAIK those are the only two places where preparation is the default
... what else were you thinking of?

Perl DBI (DBD::Pg) defaults to prepared plans when connecting to a
version 8.0 or higher server.

Or at least, that's the way I read the documentation.

AFAIK this is also the case for PHP PDO extension, which is bundled since PHP 5.1.

BTW: PDO has gotten a switch to force client side placeholder replacement in favor of using server side prepared statements due to the fact that prepared statements side-step the MySQL query cache.
BTW: I am not posting this to solicit MySQL bashing.

The main reason why PDO pushes prepared statements is the fact that they offer good protection against SQL injection. However obviously in shared nothing architectures like PHP, which does not yet have any sort of connection/statement-pooling solution, the danger of prepared statements becoming stale over time is small. However the problem of running the same statements with two different parameters that require different plans is still quite real.


---------------------------(end of broadcast)---------------------------
TIP 3: Have you checked our extensive FAQ?


Reply via email to