Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:101051 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 45597 invoked from network); 4 Nov 2017 17:01:12 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 4 Nov 2017 17:01:12 -0000 Authentication-Results: pb1.pair.com header.from=rowan.collins@gmail.com; sender-id=pass Authentication-Results: pb1.pair.com smtp.mail=rowan.collins@gmail.com; spf=pass; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 74.125.82.43 as permitted sender) X-PHP-List-Original-Sender: rowan.collins@gmail.com X-Host-Fingerprint: 74.125.82.43 mail-wm0-f43.google.com Received: from [74.125.82.43] ([74.125.82.43:51430] helo=mail-wm0-f43.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 23/90-09857-752FDF95 for ; Sat, 04 Nov 2017 12:01:12 -0500 Received: by mail-wm0-f43.google.com with SMTP id b9so6978481wmh.0 for ; Sat, 04 Nov 2017 10:01:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=date:user-agent:in-reply-to:references:mime-version :content-transfer-encoding:subject:to:from:message-id; bh=FRo1UkdupVxL13QFeFo3aIix+NaUE/+SDd6L30IgE+I=; b=sqtzZ/Da5x16ui9j3zifp6qzx+uIavdIUcr1UQjRQmezBhj+0wDhC1lmUGFZQnv/9r Bymybi7/QqOMWicB9lDQzsMniAy1HbJ4x2yPo70FuPP4evqcQUWMFC4F8gCHynt1IbZO ufwIr+wZK4HhyApgHFOutD/FDa4U1H9FZrijoF7Exsc87xpufH7eCYm8nfc2lzXZQUxT 145BRoukX8goATdercRnO9UXZzwjdO9C9gr0zS8pT11Ef19aFurv3/7OZzSRDV/WUhDh tIMWtpO821bfMMyxIiQyYoMbtMP2jedR+BudyytrS9iwDJIeU7+5BozdcI8mp37s14+q qJFA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:user-agent:in-reply-to:references :mime-version:content-transfer-encoding:subject:to:from:message-id; bh=FRo1UkdupVxL13QFeFo3aIix+NaUE/+SDd6L30IgE+I=; b=sukOhvH+lKNXqTMFXZKJsBJPZPOuIepuF8LOGESJ4PaTHu67i6L7d8r5sB81Gw+LNY NXnl6CPS54SeIoc9zj0PQFbP6d+gCOPtuVlYhjsRMrn6p5wLgcJjwF0dY/kTuoflOquK 7du5BQ64fKPzC/ZefcIDIi9Q2nzWntK4kXfhUyVY2vkYT6YKbzEvd9NfE/7PBPNurM82 2Yr3N9AkaAfgcCOso2SbtRMUo8qlricWy8Q1nDzY39pgXH6OOuB1s4VGPQP1j18zKaY3 OckAVxBS1EeohYuOPViCMvCeOy/XLoJR0o+y80jSmzPchHfn7G4vGol7rVnG00zvjYEy jngA== X-Gm-Message-State: AJaThX6U+e0hnfJTT6/EFtW4OyweDRrUxig2Nlu5O+LM76xELTkhU7U3 NDJZEssAQjaTCjdhDpcIY/LrJawH X-Google-Smtp-Source: ABhQp+TDYCEAhiPNzzn503zJCI3iFeHPHQz206oUL2yxHhwaN2R82Lg3z133OuUmthtTIu4/idVLiw== X-Received: by 10.28.224.87 with SMTP id x84mr1637842wmg.118.1509814868469; Sat, 04 Nov 2017 10:01:08 -0700 (PDT) Received: from [10.61.246.143] (188.29.165.201.threembb.co.uk. [188.29.165.201]) by smtp.gmail.com with ESMTPSA id c38sm435906wra.53.2017.11.04.10.01.07 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sat, 04 Nov 2017 10:01:07 -0700 (PDT) Date: Sat, 04 Nov 2017 17:01:04 +0000 User-Agent: K-9 Mail for Android In-Reply-To: <361D4C9A-F17C-4572-B162-5EFF94D558D3@koalephant.com> References: <7e7d69c9-8383-9cd0-9a54-0e7e4bb80775@beccati.com> <513ec8cf-6690-0bfa-bf20-b3a38620036b@beccati.com> <361D4C9A-F17C-4572-B162-5EFF94D558D3@koalephant.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable To: internals@lists.php.net Message-ID: Subject: Re: [PHP-DEV] Idea: PDO - Single-round-trip prepared statements From: rowan.collins@gmail.com (Rowan Collins) On 4 November 2017 16:24:58 GMT+00:00, Stephen Reay wrote: >So while most apps don't need to reuse the prepared statement they >benefit from the more bulletproof parameterization, IMO=2E I think a lot of unnecessary confusion comes about because people say "pre= pared statements" when it would be clearer to talk about "parameterized sta= tements"=2E=20 >Also - why does this need a new method? Can't it be an option to PDO >(eg like emulated prepared statements option) and similar to emulated >prepares (which wouldn't need to connect in the prepare() stage) it >just stores the query until you call exec($data) and then makes one >call to the DB server=2E This makes sense to me=2E In effect, there are (for drivers that support t= hem) two independent options: - Prepare statement on server or send only when executed? - Parameterize statement on server or pass as full SQL statement? Preparing on the server without parameterizing on the server doesn't make = much sense, so you end up with three modes: prepare, parameterize, or neith= er=2E "Emulated prepares" should really be called "parameterize on client" - the= re's nothing really to "prepare" until the data is provided to substitute i= n=2E=20 Finally, there are occasional cases where the entire SQL is static code, i= n which case it makes no difference which parameterization mode you use, bu= t there might still be cases for toggling "prepare on server"=2E Regards, --=20 Rowan Collins [IMSoP]