Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Should I prepare all queries even if they will only be executed once?

Tags:

php

mysql

pdo

prepared-statement

Using PHP's PDO class, does preparing queries cause a (slight even) performance hit that isn't made up if you only execute the query once per connection? I'm making a small data access layer and I'm wondering if it's okay to blindly prepare all queries, or if I should only prepare queries that will be reused.

like image 282
Parris Varney Avatar asked Oct 17 '25 09:10

Parris Varney

1 Answers

Prepared statements arent only for reused queries. They should be used for all queries that have untrusted data, making sure to bind the untrusted data. This eliminates SQL injection opportunities.

http://www.php.net/manual/en/pdo.prepared-statements.php

like image 111
Galen Avatar answered Oct 20 '25 00:10

Galen
Sign in to Comment

Related questions

Connecting to MSSQL from PHP securely with encryption?
Object not found! The requested URL was not found on this server. localhost
On Redis is better to store one key with JSON data as value or multiple keys with single value?
How To Stop Variable From Resetting After Form Submit?
How to get pivot data inside eloquent withCount function callback?
PHP - How to verify record deleted successfully

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!