Ron Mayer wrote:
> Tom Lane wrote:
> > Bruce Momjian <bruce@momjian.us> writes:
> >> What value is allowing multiple queies via PQexec()
> >
> > The only argument I can think of is that it allows applications to be
> > sloppy about parsing a SQL script into individual commands before they
> > send it. (I think initdb may be guilty of exactly that BTW...) At the
> > same time you could argue that such sloppiness is inherently a Bad Idea.
>
> Doesn't it also avoid some network(?) overhead when you have
> a large number of small inserts or updates?
>
> I seem to recall a previous company where we had a major performance
> by concatenating a bunch of updates with ";"s in between and sending
> them to postgresql as a single command.
Added to TODO list:
> o Consider parsing the -c string into individual queries so each
> is run in its own transaction
>
> o Consider disallowing multiple queries in PQexec() as an
> additional barrier to SQL injection attacks
-- Bruce Momjian bruce@momjian.us EnterpriseDB http://www.enterprisedb.com
+ If your life is a hard drive, Christ can be your backup. +