cayenne-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Joshua Pyle" <joshua.t.p...@gmail.com>
Subject Re: prepared statements
Date Wed, 18 Oct 2006 18:11:29 GMT
the #bind and general templating you can do in SQL Template has come
in very handy for me.  And you are on the right path.

>From what I understand the binding gets done at a Velocity level and
JDBC PreparedStatement's get created.  I don't believe its DB
dependant.

Someone please correct me if I'm wrong.


-- 
Joshua T. Pyle
Go has always existed.

On 10/18/06, Bryan Lewis <bryan@maine.rr.com> wrote:
> I just wanted to confirm something with the group.  I've been using
> SQLTemplate for a few special-purpose things in our apps, mainly for
> quick counts or searches.  However, someone pointed out to me recently
> that it was bad to pass simple SQL strings to Oracle; I should be using
> bind variables instead, or in the Java idiom, creating
> PreparedStatements.  For example,
> http://asktom.oracle.com/pls/ask/f?p=4950:8:::::F4950_P8_DISPLAYID:528893984337
> preaches, "If you do not fix this, your application is doomed to utter
> and total failure from day one."  I thought that was overstating the
> problem just a bit, seeing as how our apps have done well for a couple
> of years past day one, but okay, I'll heed the advice.
>
> It appears that this isn't hard to do with SQLTemplate, using the #bind
> directive.  I skimmed the Cayenne code and saw where it creates a
> PreparedStatement with the parameters.  Very cool.
>
> Assuming I'm on the right track so far... Will this work equally well on
> different databases?  Oracle and PostgreSQL are the only ones I really
> care about.  A google didn't turn up anything definitive about which
> databases accept bind variables, but maybe they use different terms.
>
> Thanks.
>
>
>

Mime
View raw message