prepared-statement

问题 This question already has an answer here : mysqli_fetch_assoc() expects parameter / Call to a member function bind_param() errors. How to get the actual mysql error and fix it? (1 answer) Closed 6 months ago . I have a custom error handler in place but I need to know where to test for errors within my prepared statement. Do I test at all prepared() , bind() , execute() and store_result() stages or just selected stages? $statement = $databaseHandler->mysqli->prepare($query) or trigger_error(

问题 I'm beginning to use prepared statements with my sql queries in php and in starting with this I have come up with a question. I have a function that grabs a user's id from a table at login. I want the user to be able to use either their username or email address for their login. So my sql statement is: SELECT * FROM `login` WHERE `username`=? OR `emailAddress`=? Now essentially when in this query username and emailAddress will be the same because it can be either or. So when binding my

问题 I'm trying to write a MySQL search function that builds a dynamic sql value and executes it via a prepared statement. Obviously I want to pass the user input (the search word) via a parameter for security but I can't work out how to match one parameter to multiple ? marks in the query. Probably best to show what I mean: CREATE DEFINER=`admin`@`localhost` PROCEDURE `WEBSITE_mainSearch`( IN searchWordIn VARCHAR(128) ) BEGIN DECLARE articlesModule BIT; SET @query = ''; SET @searchWordIn =

问题 I am looking for a way to cache prepared statements in a servlet environment (specifically, Tomcat 5.5). This is meant to reduce the number of times that prepared statements are created, i.e. the number of times that connection.prepareStatement(sql) is called. My initial idea was to store PreparedStatement objects in the session, where the key (the attribute name) is the query itself. This can also be done lazily. However, someone alerted me to the fact that, depending on the JDBC driver

问题 I have a Java application using Hibernate to communicate with a MsSQL 2005 server, the driver is net.sourceforge.jtds 1.2.4. Things are working but the performance is horrible , I suspect the index isn't used for the queries passed to it, since the response times are proportional to the number of entries in the table. I have written a small test application that use the same driver (jtds) but doesn't use Hibernate and I have been able to reproduce the poor performance (or so I believe). When

问题 In the Oracle JDBC driver, there is an option to cache prepared statements. My understanding of this is that the prepared statements are precompiled by the driver, then cached, which improves performance for cached prepared statements. My question is, does this mean that the database never has to compile those prepared statements? Does the JDBC driver send some precompiled representation, or is there still some kind of parsing/compilation that happens in the database itself? 回答1: When you use

问题 I want to use libdbi to make an application database-agnostic. I would like to use prepared statements. How can I use prepared statements with libdbi? All the examples I saw use normal select bla from blub where foo; statements and use escaping functions provided by libdbi for input escaping. If it is not possible to do this in libdbi, can you recommend another db-abstraction-library that can do that or explain why such a feature does not make sense? 回答1: Unfortunately, libdbi does NOT

问题 I have a query that looks like this: SELECT CONCAT('path/to/page/?id=', id) AS link FROM users WHERE name = ? I am using PDO to prepare this statement and I am getting the error Invalid parameter number: number of bound variables does not match number of tokens because it thinks the question mark in the CONCAT string is a placeholder. Is there any way to escape the question mark so PDO knows that it is not a placeholder? Please no comments about other ways to get the link. I am changing old

问题 In (say) Python, I can issue: psycopg2.connect(...).cursor().execute("select * from account where id='00100000006ONCrAAO'") which on the server results in the following log entries: 2011-07-18 18:56:08 PDT LOG: duration: 6.112 ms statement: select * from account where id='00100000006ONCrAAO' However, in Java, issuing: conn.createStatement().executeQuery("select * from account where id = '00100000006ONCrAAO'"); results in: 2011-07-18 18:44:59 PDT LOG: duration: 4.353 ms parse <unnamed>: select

问题 I have a problem using jdbc preparedStatement in batch and trying to get the generated keys created from this. The code : PreparedStatement stmt = null; ... connection.setAutoCommit(false); stmt = connection.prepareStatement(insertSuspiciousElement,new String[] {"external_id","element_id"}); final int elementBatchSize = 5000; int elementCount =0; for(BlSuspiciousElement element : elements){ externalIds.add(element.getExternalId()); stmt.setInt(1, element.getBlElementType().getElementTypeId())