Article Preview



Databases for REAL

SQL Prepared Statements

Exploring a sweet new feature

Issue: 9.2 (January/February 2011)
Article Description: No description available.
Article Length (in bytes): 3,360
Starting Page Number: 78
RBD Number: 9212
Resource File(s): None
Related Link(s): None
Known Limitations: None

Excerpt of article text...

REAL Studio 2010 Release 4.1 added a great new feature: SQL Prepared Statements (also known as parameter binding). With this new feature you no longer have to create your entire SQL statement using string concatenation! This has two major benefits: Performance and Security.

Performance

Before an SQL statement can be run, the DB engine has to parse it. Depending on the complexity of the statement, this could add a noticeable performance hit, particularly if the SQL is used repeatedly.

But when you use the prepared statement feature, your SQL is parsed just once by the database engine. The results of the parsed statement are saved so that subsequent SELECTs can be run immediately without any parsing.

Security

Have you ever heard of SQL Injection Attacks? Although not really a concern with desktop applications, SQL Injections are a serious concern with web applications. And now that REAL Studio Web Edition is available, this is something we all need to understand.

Let's say your login page checks for a valid user in this (rather simplistic) manner:

...End of Excerpt. Please purchase the magazine to read the full article.
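The excerpt stops before the article's own login code. As an added example (not the article's code, and written with Python's sqlite3 module rather than REAL Studio's database classes), here is a simplistic login check built by string concatenation next to the same check using bound parameters. The users table, its rows and the function names are constructed for illustration.

```python
import sqlite3


def make_db():
    # Constructed sample data: an in-memory SQLite database with two users.
    # Passwords are stored in plaintext only to keep the demo short.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, password TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "s3cret"), ("O'Brien", "pw")])
    return db


def login_concat(db, name, password):
    # "Before" form: user input is spliced into the SQL text, so a quote
    # character in the input changes the statement the engine parses.
    sql = ("SELECT COUNT(*) FROM users WHERE name = '" + name +
           "' AND password = '" + password + "'")
    return db.execute(sql).fetchone()[0] > 0


def login_bound(db, name, password):
    # Parameter binding: the SQL text is constant and the values travel
    # separately, so they are only ever compared as data. Because the text
    # never changes, the parsed statement can also be reused between calls.
    sql = "SELECT COUNT(*) FROM users WHERE name = ? AND password = ?"
    return db.execute(sql, (name, password)).fetchone()[0] > 0


if __name__ == "__main__":
    db = make_db()
    crafted = "' OR '1'='1"  # constructed input containing quote characters
    print("concat, correct password:", login_concat(db, "alice", "s3cret"))
    print("concat, crafted password:", login_concat(db, "alice", crafted))
    print("bound,  crafted password:", login_bound(db, "alice", crafted))
    print("bound,  name with quote: ", login_bound(db, "O'Brien", "pw"))
    try:
        login_concat(db, "O'Brien", "pw")
    except sqlite3.OperationalError as exc:
        # A legitimate name with an apostrophe breaks the concatenated SQL.
        print("concat, name with quote:  error:", exc)
```

The concatenated version both accepts the crafted password and fails outright on an ordinary name containing an apostrophe; the bound version handles both inputs as plain data.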

Article copyrighted by REALbasic Developer magazine. All rights reserved.


 

