| From: | bricklen <bricklen(at)gmail(dot)com> |
|---|---|
| To: | "Guillaume Smet" <guillaume(dot)smet(at)gmail(dot)com> |
| Cc: | pgsql-performance(at)postgresql(dot)org |
| Subject: | Re: Poor plan choice in prepared statement |
| Date: | 2008-12-31 15:11:17 |
| Message-ID: | 33b743250812310711r6fb8fb1ydb72aee090d7bc06@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-performance |
Hi Guillaume,
On Wed, Dec 31, 2008 at 1:12 AM, Guillaume Smet
<guillaume(dot)smet(at)gmail(dot)com> wrote:
> On Tue, Dec 30, 2008 at 7:59 PM, bricklen <bricklen(at)gmail(dot)com> wrote:
>> I would like to continue to use bind variables to prevent sql
>> injection, but I'd like to force a plan re-parse for every single
>> query (if necessary?)
>
> As far as I understand your problem, you don't care about using
> prepared statements.
>
> If so, you can:
> - either use pg_query_params():
> http://www.php.net/manual/en/function.pg-query-params.php
> - or use an unnamed prepared statements when you don't want a prepared
> statement if, for some reason, you really need to use prepared
> statements in a few cases: you can specify an empty string as plan
> name. The condition for this one is that you need to upgrade to a
> recent version of 8.3 as postponed planning of unnamed prepared
> statements is a new feature of 8.3 and was broken in 8.3.0 and 8.3.1.
>
> --
> Guillaume
>
I will look into the pg_query_params() function to see if it works for
us. I don't think your second suggestion is going to work for us,
since we are stuck on 8.2 for the foreseeable future.
Thanks for the tips though, I appreciate it!
Bricklen
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Alvaro Herrera | 2008-12-31 16:01:18 | Re: Poor plan choice in prepared statement |
| Previous Message | Guillaume Smet | 2008-12-31 09:12:47 | Re: Poor plan choice in prepared statement |