Re^3: fetchrow/all vs selectrow/all

Note that you should probably use placeholders. It’s so easy with DBI that there’s rarely a reason not to.

my $stmt = "SELECT * FROM mytable WHERE id = ?";
my $sth = $dbh->prepare( $stmt );
$sth->execute( $myid );
my $results = $sth->fetchall_arrayref( {} );

# or

my $stmt = "SELECT * FROM mytable WHERE id = ?";
my $results = $dbh->selectall_arrayref( $stmt, undef, $myid );
[download]

Then you can also further optimise the first case by saying

my $sth = $dbh->prepare_cached( $stmt );
[download]

In that case, because the placeholder-adorned query is always the same, you might even end up preparing the statement only once during your entire runtime.

Makeshifts last the longest.

Comment on Re^3: fetchrow/all vs selectrow/all Select or Download Code

Replies are listed 'Best First'.
Re^4: fetchrow/all vs selectrow/all by bradcathey (Prior) on Nov 26, 2005 at 01:28 UTC
Interesting, I use placeholders 100% of the time when INSERTing, but didn't know there was an advantage to doing it with SELECT. My understanding was that placeholders helped to avoid sql injections. So far, I'm hearing little difference in fetch vs select, other than the repeated-prepare-scenario. —Brad "The important work of moving the world forward does not wait to be done by perfect men." George Eliot	[reply]
Re^5: fetchrow/all vs selectrow/all by Aristotle (Chancellor) on Nov 26, 2005 at 01:54 UTC
Well, yes, if you only execute the query once, then there’s no difference, because `select(row\|all)` are convenience functions for… executing the query once. SQL injection can’t happen only on INSERT, though. Any query using user data in some shape or fashion is subject to manipulation. Makeshifts last the longest.	[reply]