Jeff Mathis wrote:
> forgive me.
>
> i was initially using the perl DBI methods to load. I am not intimately
> familiar with the inner workings of DBI, but obviously it must be doing
> something if you say mysql does not support binding variables
> (i am using 4.0.4). This is significantly faster than creating a new
> prepared statement for every insert.
>
> I'm now using JDBC, and havne't explored this yet. I'm coming from the
> Oracle camp, and have only been using mysql for less than a month. so
> far, i find it very snappy. I do miss the ability to have stored
> procedures, triggers and views however.
>
> jeff
> Dan Nelson wrote:
[snip]
>>
>>Note that mysql does not support bind variables. If you think you're
>>using them, whatever API you are using is filling them in before
>>sending the statement to mysql. Bind variables do solve quoting
>>problems, though, so if you use them, know why you're using them :)
>>
>>--
>> Dan Nelson
>> dnelson@stripped
Dan speaks the truth. However, using bind variables also proves that
you're forward-looking as MySQL-4.1 will have prepared statements with
'real' bound parameters, so your code will run that much faster then.
The quoting problem is a valid point, and in fact I always prescribe it
as dynamic SQL is the root of many an exploit in database applications,
especially web-based ones.
-Mark
--
For technical support contracts, visit https://order.mysql.com/?ref=mmma
__ ___ ___ ____ __
/ |/ /_ __/ __/ __ \/ / Mark Matthews <mark@stripped>
/ /|_/ / // /\ \/ /_/ / /__ MySQL AB, Full-Time Developer - JDBC/Java
/_/ /_/\_, /___/\___\_\___/ Flossmoor (Chicago), IL USA
<___/ www.mysql.com
