| From: | "Guillaume Smet" <guillaume(dot)smet(at)gmail(dot)com> |
|---|---|
| To: | bricklen <bricklen(at)gmail(dot)com> |
| Cc: | pgsql-performance(at)postgresql(dot)org |
| Subject: | Re: Poor plan choice in prepared statement |
| Date: | 2008-12-31 09:12:47 |
| Message-ID: | 1d4e0c10812310112h2e96001ap86a42e78803a18bc@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-performance |
On Tue, Dec 30, 2008 at 7:59 PM, bricklen <bricklen(at)gmail(dot)com> wrote:
> I would like to continue to use bind variables to prevent sql
> injection, but I'd like to force a plan re-parse for every single
> query (if necessary?)
As far as I understand your problem, you don't care about using
prepared statements.
If so, you can:
- either use pg_query_params():
http://www.php.net/manual/en/function.pg-query-params.php
- or use an unnamed prepared statements when you don't want a prepared
statement if, for some reason, you really need to use prepared
statements in a few cases: you can specify an empty string as plan
name. The condition for this one is that you need to upgrade to a
recent version of 8.3 as postponed planning of unnamed prepared
statements is a new feature of 8.3 and was broken in 8.3.0 and 8.3.1.
--
Guillaume
| From | Date | Subject | |
|---|---|---|---|
| Next Message | bricklen | 2008-12-31 15:11:17 | Re: Poor plan choice in prepared statement |
| Previous Message | Gregory Stark | 2008-12-31 04:23:41 | Re: Poor plan choice in prepared statement |