I am looking to accelerate some queries using prepared statements on a high-traffic site. What I don't think I'm understanding correctly is the benefit from using prepared statements unless they can stay prepared over multiple connections. It looks like this is not possible with PDO, which also does not allow persistent connections. But the persistent connection functions don't allow PDO.
Let's say for argument's sake I am running a query 5,000 times per second: SELECT * FROM some_table WHERE some_column LIKE 'some_value'
From what I understand, PDO would prevent MySQL from re-compiling and evaluating the query if I were to change "some_value" each time I needed to query. I also understand that "some_value" could be transmitted in binary instead of ASCII to save bandwidth, but it wouldn't be saving much if I had to send the entire query each time I open the connection.
Also, from what I have read, stored procedures are not the solution, because those do not stay compiled through multiple connections either.
Is there any solution to this problem? Storing a prepared statement on the server somewhere and having it stay compiled in memory and ready to fire as soon as it receives the variables?
Is there any way to make this happen by combining connection pooling with PDO? (Although I have also heard connection pooling is not ideal because it can cause blocking in certain conditions.)
A prepared statement is a feature used to execute the same (or similar) SQL statements repeatedly with high efficiency. Prepared statements basically work like this: Prepare: An SQL statement template is created and sent to the database. Certain values are left unspecified, called parameters (labeled "?").
Placeholders can be understood as predefined “search and replace” templates that will be replaced with some actual values at execution time. They are usually used for MySQL queries.
Prepared statements are statements already interpreted; the DBMS changes the parameters and the query starts immediately. This is a feature of certain DBMSs and you can achieve fast response (comparable with stored procedures). Parametrized statements are just a way you compose the query string in your programming language.
A prepared statement is a parameterized and reusable SQL query which forces the developer to write the SQL command and the user-provided data separately. The SQL command is executed safely, preventing SQL Injection vulnerabilities.
After running numerous benchmarks, we found that prepared statements prepared on the server provided us the greatest speed benefits. Here's an example:
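DROP PROCEDURE IF EXISTS get_user;
DELIMITER //
CREATE PROCEDURE get_user(IN v_user VARCHAR(255))
    DETERMINISTIC
    READS SQL DATA
    SQL SECURITY INVOKER
    COMMENT ''
proc: BEGIN
    -- EXECUTE ... USING takes user variables, so copy the parameter into one.
    SET @user = v_user;
    -- Prepare only once per session; the session variable records that it is done.
    IF ISNULL(@get_user_prepared) THEN
        SET @get_user_prepared = TRUE;
        SET @sql = "SELECT * FROM mysql.user WHERE user = ?";
        PREPARE get_user_stmt FROM @sql;
    END IF;
    -- Run the already prepared statement with the current value.
    EXECUTE get_user_stmt USING @user;
END;
//
DELIMITER ;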
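The following is an added example, not code from the question or the answers. It applies server-side PREPARE/EXECUTE to the question's LIKE query and contrasts a bound parameter with string concatenation. The table and column names come from the question; the table definition, sample rows and statement names are constructed for illustration.

```sql
-- Constructed schema and rows so the example runs on an empty test database.
CREATE TABLE IF NOT EXISTS some_table (some_column VARCHAR(255));
INSERT INTO some_table VALUES ('alpha'), ('alphabet'), ('beta');

-- Parse the statement once for this session.
PREPARE find_rows FROM 'SELECT * FROM some_table WHERE some_column LIKE ?';

-- Execute it repeatedly; only the parameter value is sent each time.
SET @pattern = 'alpha%';
EXECUTE find_rows USING @pattern;

SET @pattern = 'beta';
EXECUTE find_rows USING @pattern;

-- A value that contains quote characters is bound as data. It is compared
-- against some_column as a literal string and is never parsed as SQL.
SET @pattern = 'x'' OR ''1''=''1';
EXECUTE find_rows USING @pattern;

-- Binding does not neutralise LIKE wildcards: % and _ inside the value still
-- match as wildcards. Escape them in the application if a literal match is
-- required.

-- Unsafe contrast: building the statement text with CONCAT makes the server
-- parse the value as part of the query, so the same input rewrites the WHERE
-- clause instead of being compared as a string.
SET @sql = CONCAT('SELECT * FROM some_table WHERE some_column LIKE ''',
                  @pattern, '''');
PREPARE unsafe_stmt FROM @sql;
EXECUTE unsafe_stmt;
DEALLOCATE PREPARE unsafe_stmt;

-- A prepared statement belongs to the session that created it, so a new
-- connection has to PREPARE again. Each open handle counts toward the
-- server-wide max_prepared_stmt_count limit; release it when finished.
SHOW GLOBAL STATUS LIKE 'Prepared_stmt_count';
DEALLOCATE PREPARE find_rows;
```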