什么是准备语句?它们如何与动态sql不同? [英] What are prepared statements? How are they different from dynamic sql?
问题描述
我没有看到任何重复的问题,但想知道是否有人可以提供一些很好的例子,特别是围绕这些的最佳做法。
I did not see any duplicate questions but wondering if somebody can provide some good examples and specially best practices around these.
推荐答案
准备的语句是预编译语句,您可以对数据库运行多次,并且SQLServer不会在每次运行它时解析或生成不同的执行计划。通常,您在客户端上下文(使用JDBC,ADO.NET,ODBC或任何其他客户端访问技术)中运行准备语句。
Prepared Statements are precompiled statements that you can run multiple times against on the database, and SQLServer won't parse or generate a different execution plan each time you run it. Usually, you run prepared statement in a client context (using JDBC, ADO.NET, ODBC or any other client access technology).
,当然)会是这样:
PreparedStatement ps = conn.prepareStatmente("insert into t(field1) values (?)");
ps.setString(1, "Hello");
ps.executeUpdate();
ps.setStrgin(2, "World");
ps.executeUpdate();
ps.close();
// two rows will be inserted into table t:
// field1 => "Hello"
// field1 => "world"
动态SQL 是运行存储在SQLServer中的存储过程或函数中的动态变量(即字符串)中的任何SQL语句的能力。您可以在提供的链接中找到一些示例。
Dynamic SQL is the ability to run any SQL sentence stored in a dynamic variable (i.e. a string) inside a stored procedure or function in SQLServer. You can find some examples in the link provided.
这篇关于什么是准备语句?它们如何与动态sql不同?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!