Category Archives: SQL

String Append Vs Parameter Binding (Advantages)- Part 2

This post continues my previous post on String Append Vs Parameter Binding. In this post we are going to see the advantages of Parameter Binding over String Append. In our day-to-day coding practice we generally never consider these advantages, and most of the time we take the path that is easier. In taking these easier paths, we often compromise the software's security and performance and introduce new bugs that we might miss during testing after development. I have explained one of those bugs in my previous post here.

Below are the advantages that you will get if you rely on Parameter Binding:

Performance: The first advantage we get from parameter binding is an overall improvement in application performance. Let's see how it increases performance. Today almost all RDBMS databases support a query execution plan cache; with an execution plan in place, the SQL engine can use the same execution plan again and again, only with a different set of values

String Append Vs Parameter Binding – MySQL

Today when I started my regular daily job, I came across an interesting problem that was related to SQL queries and how they treat special characters. The root of the problem was that whenever I tried to search for a record on the basis of some condition, and that condition contained special characters, my query was not returning any record.

The focal point of this post will be a String Append Vs Parameter Binding comparison.

E.g., let's assume there is a table (USER_DATA) that contains 3 columns (Id, UserName and Location), and below is some sample data.

ID  USER_NAME  LOCATION
1   XYZ%ABC    USA
2   SAW_UI     INDIA
3   RAT’ME     NL
4   JACK\MET   USA

Now suppose I execute this query:

Select * from USER_DATA where USER_NAME like '%%A%';

Here, %A is my search criteria; after this query executes, it does not return any record.

I was getting