Denis Gasparin wrote:
Hi!
I am testing the PHP PDO library versus the old style PHP postgres
functions.
I noted that PDO library declare and prepare every statement. I mean:
$s = $db->query("select * from test where field=1");
is equivalent to
$s = $db->prepare("select * from test where field=?");
$s->execute(array('1'));
Speaking about postgresql performance...
would not it be more efficient executing directly the query in the first
case ($db->query) than
preparing a statement without parameters and then executing it?
It almost certainly is faster, at least for very short queries that you
only run once. Hopefully if I run the same query twice in a row, the PDO
library doesn't prepare it twice.
However, the separate prepare/execute is a little safer since it's
harder for a user-supplied parameter to have the wrong type or do sql
injection.
--
Richard Huxton
Archonet Ltd
