db-torque-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Thomas Fox <Thomas....@seitenbau.net>
Subject torque4: runtime selects switched to prepared statements
Date Sun, 09 Jan 2011 13:52:29 GMT

I just checked in code which replaces the usage of normal statements in
selects with the usage of prepared statements. Prepared statements are
better than normal statements because they have less exposure to sql
injection in web applications, and also the performance might be better if
they are used several times (prepared statements can be cached by database
connection pools).
This change is in the runtime only, the test project has been changed only
marginally. The API of the runtime did not change except the removal of the
doPSSelect methods.

The test project works fine against mysql and postgresql, there are minor
issues with oracle:
- the jdbcToSchema task in the test project fails on my local oracle
installation. This has not been intoduced by this pacht, has been like this
before. This looks like a bug in the oracle driver or my Express
installation, but I have not looked into this further.
- the test of the current_date and current_time sql functions fails for
oracle.

I did not check derby and mssql, but will do so in the future. This might
take saome time because I'm quite busy in the moment for my dayjob.
Bug reports and comments are most welcome.

     Thomas


---------------------------------------------------------------------
To unsubscribe, e-mail: torque-dev-unsubscribe@db.apache.org
For additional commands, e-mail: torque-dev-help@db.apache.org


Mime
View raw message