patternsqlMinor
Persisting Prepared Statements
Viewed 0 times
statementspersistingprepared
Problem
I know that the documentation states:
Prepared statements only last for the duration of the current database session.
Is there any way way to either
Prepared statements only last for the duration of the current database session.
Is there any way way to either
- save a prepared statement
- create code which will regenerate a prepared statement?
Solution
If I understand you correctly, you want to use functions.
Those are stored (with their code), their execution plans (may be) cached and so on. Plan caching is not so simple as it first sounds. Read https://www.postgresql.org/docs/current/static/plpgsql-implementation.html#PLPGSQL-PLAN-CACHING and the linked page about
For the additional questions from your comments, PostgreSQL functions don't necessarily protect you from SQL injection. Building dynamic SQL statements the wrong way (using concatenation without proper quoting) can still open the possibility for such attacks.
Those are stored (with their code), their execution plans (may be) cached and so on. Plan caching is not so simple as it first sounds. Read https://www.postgresql.org/docs/current/static/plpgsql-implementation.html#PLPGSQL-PLAN-CACHING and the linked page about
PREPARE.For the additional questions from your comments, PostgreSQL functions don't necessarily protect you from SQL injection. Building dynamic SQL statements the wrong way (using concatenation without proper quoting) can still open the possibility for such attacks.
Context
StackExchange Database Administrators Q#143727, answer score: 3
Revisions (0)
No revisions yet.