Ted Roche wrote: > http://dev.mysql.com/doc/refman/5.1/en/myodbc-news-3-51-18.html > > "Connector/ODBC now supports batched statements. In order to enable > cached statement support you must switch enable the batched statement > option (FLAG_MULTI_STATEMENTS, 67108864, or Allow multiple statements > within a GUI configuration). Be aware that batched statements create > an increased chance of SQL injection attacks and you must ensure that > your application protects against this scenario. (Bug#7445)" > > That's an interesting way to patch the potential of some classes SQL > Injection attacks, by rejecting multiple statements. I'd prefer a > transient setting, ("SET MULTISTATEMENT ON", then your statements, > "OFF"). But it makes sense that a lot of the more common apps should > be able to run with this off. > >
Hmmm....so if one were to have a VFP system whereby it created the UPDATE SQL for multiple updates along with possibly INSERTS for new records, one could daisy change them together in one fell swoop using a single SQLEXEC statement, if I read this right. Does that mean better performance since you're making fewer trips to the server or is this perhaps 6 of one, 1/2 dozen of another? Curious...(yeah I know...design some test code and try it....) -- Michael J. Babcock, MCP MB Software Solutions, LLC http://mbsoftwaresolutions.com http://fabmate.com "Work smarter, not harder, with MBSS custom software solutions!" _______________________________________________ Post Messages to: [email protected] Subscription Maintenance: http://leafe.com/mailman/listinfo/profox OT-free version of this list: http://leafe.com/mailman/listinfo/profoxtech Searchable Archive: http://leafe.com/archives/search/profox This message: http://leafe.com/archives/byMID/profox/[EMAIL PROTECTED] ** All postings, unless explicitly stated otherwise, are the opinions of the author, and do not constitute legal or medical advice. This statement is added to the messages for those lawyers who are too stupid to see the obvious.
