List:General Discussion« Previous MessageNext Message »
From:Reindl Harald Date:May 14 2012 2:54pm
Subject:Re: MySQL Community Server 5.1.63 has been released
View as plain text  

Am 14.05.2012 16:50, schrieb Johan De Meersman:
> ----- Original Message -----
>> From: "Govinda" <govinda.webdnatalk@stripped>
>>
>> 1.) Is anyone *who knows what he is doing* still using
>> mysql_real_escape_string()?  Ever?
> 
> I seem to vaguely remember someone showing me some code that would bypass escaping;
> but I didn't really pay a lot of attention, to be honest :-)
> 
> Personally I haven't used escapes in ages, for the simple reason that prepared
> statements are just that much more convenient - and even if MySQL doesn't do a lot with it
> for the time being, they also allow for some very nifty in-server optimizations using
> cached query plans and similar nifties. Using them is a good habit for three reasons:
>  1) it makes you immune to SQL injections, at least as effectively as escaping;
>  2) if MySQL finally gets around to implementing an execution plan cache, you'll
> start benefiting without having to lift a finger
>  3) you won't need to learn new ways of working if you need to code on different
> databases :-)

but what about the dramatical reduced query-cache hits i see
in some peace of software switching to prepared statements?

dbmail2 as example had around 300 sql-actions per second
dbmail3 using prepared statements currently around 1000 per second

i can not imagine any better performance in a php-script since it
is stateless and you have to do the whole prepare in each request


Attachment: [application/pgp-signature] OpenPGP digital signature signature.asc
Thread
MySQL Community Server 5.1.63 has been releasedSunanda Menon7 May
  • Re: MySQL Community Server 5.1.63 has been releasedBaron Schwartz7 May
    • Re: MySQL Community Server 5.1.63 has been releasedJohan De Meersman8 May
      • Re: MySQL Community Server 5.1.63 has been releasedJohan De Meersman14 May
        • Re: MySQL Community Server 5.1.63 has been releasedGovinda14 May
          • Re: MySQL Community Server 5.1.63 has been releasedJohan De Meersman14 May
            • Re: MySQL Community Server 5.1.63 has been releasedReindl Harald14 May
              • Re: MySQL Community Server 5.1.63 has been releasedJohan De Meersman14 May
                • RE: MySQL Community Server 5.1.63 has been releasedRick James14 May
          • RE: MySQL Community Server 5.1.63 has been releasedRick James14 May