Re: [PHP] prepared statement

2008-06-26 Thread Chris
ctx2002 wrote: > thanks for answering my question. > > I have checked PHP PDO doc. > PDO:: query() can send a query to server. > my question is, does PDO:: query() generates prepared statement > automatically? > or I have to explicitly call PDO:: prepare() to use prepared statement? You have to

Re: [PHP] prepared statement

2008-06-26 Thread ctx2002
thanks for answering my question. I have checked PHP PDO doc. PDO:: query() can send a query to server. my question is, does PDO:: query() generates prepared statement automatically? or I have to explicitly call PDO:: prepare() to use prepared statement? for example: PDO:: query("select name f

Re: [PHP] prepared statement

2008-06-25 Thread Larry Garfield
On Wednesday 25 June 2008 8:24:06 pm ctx2002 wrote: > so only benefit for use prepared statement in Web environment is to prevent > SQL > injection? > > regards It's somewhat more complicated than that. (The following is based on my own experiences with PDO and a conversation with PDO's original

Re: [PHP] prepared statement

2008-06-25 Thread ctx2002
so only benefit for use prepared statement in Web environment is to prevent SQL injection? regards chris smith-9 wrote: > > ctx2002 wrote: >> >> I mean for each different requests/connection how can i use same prepared >> statements object that was >> generated by PDO lib/mysql Server. >

Re: [PHP] prepared statement

2008-06-25 Thread Chris
ctx2002 wrote: > > I mean for each different requests/connection how can i use same prepared > statements object that was > generated by PDO lib/mysql Server. You can't. Resources/connections are done per request and can't be shared - it's done that way by design. -- Postgresql & php tutorial

Re: [PHP] prepared statement

2008-06-25 Thread ctx2002
I mean for each different requests/connection how can i use same prepared statements object that was generated by PDO lib/mysql Server. is Mysql server cache prepared statement plan? for example: client one connect to our site, and send a prepared statement to our mysql DB, now the DB will c

Re: [PHP] prepared statement

2008-06-25 Thread Chris
ctx2002 wrote: > Hi all: > > We are use PHP PDO's Prepared statement to send SQL query to Mysql server. > According to PHP PDO doc, Prepared statement are fast for executing multiple > SQL queries with same parameters. "by using prepared statement you avoid > repeating the analyze/compile/optimize

[PHP] prepared statement

2008-06-25 Thread ctx2002
Hi all: We are use PHP PDO's Prepared statement to send SQL query to Mysql server. According to PHP PDO doc, Prepared statement are fast for executing multiple SQL queries with same parameters. "by using prepared statement you avoid repeating the analyze/compile/optimize cycle" Our application i