Am Donnerstag, 31. August 2006 16:26 schrieb Andrew Dunstan:
> Cached plans etc. might have an impact, but please do not overlook the
> benefits of parameterized queries in avoiding SQL injection attacks, as
> well as often being much cleaner to code.
That might be part of the confusion. Composing queries with the variable
parameters out of line is a very nice feature. But that concept is totally
independent of the question whether the execution plan should be cached. The
APIs (and their documentations) just don't convey that very well.
In response to
pgsql-hackers by date
|Next:||From: elein||Date: 2006-08-31 15:03:27|
|Subject: Re: gBorg status?|
|Previous:||From: Peter Eisentraut||Date: 2006-08-31 14:42:27|
|Subject: Re: Prepared statements considered harmful|