vertx-sql-client icon indicating copy to clipboard operation
vertx-sql-client copied to clipboard
verified publisher icon eclipse-vertx

Introduce client-side prepared statements

Open BillyYccc opened this issue 6 years ago • 2 comments

Client-side prepared statement(also known as parameter interpolation) is a useful feature. Being different from server-side prepared statements, the parameters are encoded as text by the client and interpolated into the SQL string, then the SQL is sent as a simple query to the server. This can save a round trip compared with the server-side prepared statement.

In the official MySQL JDBC connector, this feature is enabled by default with setting the useServerPrepStmts false.

BillyYccc avatar Sep 19 '19 12:09 BillyYccc

We can also enrich the SPI with adding a new command PrepareExec to simplify the implementations, this will ease the implementation for sp_prepareExec command in MSSQL as well.

BillyYccc avatar Sep 19 '19 12:09 BillyYccc

I think that should not really be part of the project, doing such thing means dealing with lot of encoding problems potentially such as SQL injections and CVE.

vietj avatar Sep 19 '19 14:09 vietj