"Aidan Van Dyk" <[EMAIL PROTECTED]> writes: > That said, though *I* like the idea (and since I develop against > PostgreSQL 1st and use params for my queries I would consider it a nice > tool to "keep me honest"), I can easily see that the cost/benefit ratio > on this could be quite low and make it not worth the code/support > necessary.
Note that using parameters even for things which are actually constants is not really very desirable. If you have a query like: SELECT * FROM users WHERE userid = ? AND status = 'active' a) It makes things a lot clearer to when you call Execute($userid) which values are actually the key user-provided data. In more complex queries it can be quite confusing to have lots of parameters especially if the query itself only makes sense if you know what values will be passed. b) It allows the database to take advantage of statistics on "status" that might not otherwise be possible. Parameters are definitely the way to go for dynamic user data but for constants which are actually an integral part of the query and not parameters you're passing different values for each time it's actually clearer to include them directly in the query. -- Gregory Stark EnterpriseDB http://www.enterprisedb.com Ask me about EnterpriseDB's On-Demand Production Tuning -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
