report1
- Assumes the table argument is a properly quoted table name.
- Uses a placeholder to avoid problems from (intentionally or unintentionally) badly formed statusid arguments.
- Executes one query per statusid argument.
- Does the counting server-side.
- Can do result ordering server-side.
report2
- Assumes the table argument is a properly quoted table name.
- Assumes the statusid arguments are valid numbers.
- Only executes one query.
- Does the counting client-side.
- Result ordering must be done client-side.
The different assumptions impose different validation requirements on the caller.
The number of queries affects performance.
Update: report3 uses the best features of report1 and report2.
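sub report3 {
    my $table     = shift @_;
    my @statusids = @_;

    # An empty list would produce "IN ()", which is a syntax error.
    return unless @statusids;

    # $table is interpolated as-is: the caller must pass a properly quoted name.
    # Each statusid gets its own "?" placeholder and is bound at execute time.
    my $sql = "
        SELECT statusid, COUNT(statusid)
        FROM $table
        WHERE statusid IN (" . join(',', ('?') x @statusids) . ")
        GROUP BY statusid
    ";

    my $sth = $DBH->prepare($sql);
    $sth->execute(@statusids);

    while (my ($statusid, $count) = $sth->fetchrow_array) {
        print "$statusid = $count\n";
    }
}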
- Assumes the table argument is a properly quoted table name.
- Uses a placeholder to avoid problems from (intentionally or unintentionally) badly formed statusid arguments.
- Only executes one query.
- Does the counting server-side.
- Can do result ordering server-side.
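
All three versions leave the table name to the caller, because a placeholder cannot stand in for an identifier. The following is an added example, not part of the original post, of one way a caller could meet that requirement while building the report3 query. The sub name `build_report_query`, the `%ALLOWED_TABLE` allowlist and the table names are hypothetical, and it assumes standard SQL double-quote identifier quoting (with a live handle, DBI's `$dbh->quote_identifier` does the quoting for the driver in use).

```perl
use strict;
use warnings;

# Hypothetical allowlist: the only tables a caller may report on.
my %ALLOWED_TABLE = map { $_ => 1 } qw(orders tickets);

# Returns ($sql, @bind) for a report3-style query, or dies on bad input.
sub build_report_query {
    my ($table, @statusids) = @_;

    # The table name cannot be a placeholder, so check it against the
    # allowlist and quote it as an identifier before interpolating.
    die "table not allowed: $table\n" unless $ALLOWED_TABLE{$table};
    (my $quoted = $table) =~ s/"/""/g;
    $quoted = qq{"$quoted"};

    # "IN ()" is a syntax error in most databases; refuse an empty list.
    die "no statusids given\n" unless @statusids;

    # One "?" per statusid; the values travel separately as bind parameters.
    my $marks = join ',', ('?') x @statusids;
    my $sql = "SELECT statusid, COUNT(statusid) FROM $quoted "
            . "WHERE statusid IN ($marks) GROUP BY statusid ORDER BY statusid";
    return ($sql, @statusids);
}

# Constructed inputs: a normal call, a badly formed table name, a badly
# formed statusid (it stays in the bind list, never in the SQL text),
# and an empty statusid list.
for my $case (
    [ 'orders', 1, 2, 3 ],
    [ 'orders; SELECT 1', 1 ],
    [ 'tickets', '1) OR (1=1' ],
    [ 'tickets' ],
) {
    my ($sql, @bind) = eval { build_report_query(@$case) };
    if ($@) { print "rejected: $@"; next }
    print "$sql\n  bind: @bind\n";
}
```

The returned pair is used as `$DBH->prepare($sql)` followed by `$sth->execute(@bind)`, exactly as in report3.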