| From: | Ron Johnson <ron(dot)l(dot)johnson(at)cox(dot)net> |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: pgsql vs mysql |
| Date: | 2006-07-11 20:24:37 |
| Message-ID: | 44B40905.1090507@cox.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Joshua D. Drake wrote:
>> The multiple insert stuff is not only non-standard, it also encourages
>> the bad practice of using literal values directly in the SQL string
>> versus prepared statements with place holders. It is bad practice
>> because it introduces SQL injection risks since the responsibility of
>> literal value escaping is with the application instead of the driver.
>
> It is also something that users are clammoring for (and my customers). To
> the point that I have customers using unions to emulate the behavior. Why?
> Because it is really, really fast.
When inserting multiple rows in the same INSERT statement, how do
you tell which row fails on a constraint or datatype-mismatch violation?
- --
Ron Johnson, Jr.
Jefferson LA USA
Is "common sense" really valid?
For example, it is "common sense" to white-power racists that
whites are superior to blacks, and that those with brown skins
are mud people.
However, that "common sense" is obviously wrong.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFEtAkFS9HxQb37XmcRAvfaAJ4viPqLt8g1aHR6H9l7lEjM13EWcgCgulAx
rPuCH7OSDeb7RuKBuywm5k4=
=RRQx
-----END PGP SIGNATURE-----
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Paul Tilles | 2006-07-11 20:26:41 | Re: doesn't recognize "!=-" (not equal to a negative value) |
| Previous Message | Guido Neitzer | 2006-07-11 20:20:56 | Re: pgsql vs mysql |