Edit - Software Engineering Stack Exchange

You are not logged in. Your edit will be placed in a queue until it is peer reviewed.

We welcome edits that make the post easier to understand and more valuable for readers. Because community members review edits, please try to make the post substantially better than how you found it, for example, by fixing grammar or adding additional resources and hyperlinks.

Required fields*

Rev

17

5. Parametrized queries are more readable and maintainable. WHERE Foo = @Bar is much more meaningful than Foo = {0}. String format with dozen parameters is not fun. As a bonus, string interpolation combined with nameof() will keep query up to date during automatic refactor. 6. Parametrized queries are not bound to peculiarities of String.Format of language/framework/runtime. Not only query will work elsewhere, you won't have to deal with parameter order. 7. Parametrized query won't break when using float/date on system with different locale settings than database.

PTwr
– PTwr

2023-03-07 21:24:36 +00:00
Commented Mar 7, 2023 at 21:24
4

@PTwr: 8. Parameterized queries' execution plans are better cached by databases.

Matthieu M.
– Matthieu M.

2023-03-08 08:42:26 +00:00
Commented Mar 8, 2023 at 8:42
2

@PTwr: Your 5 and 6 are possibly a little dubious: some database libraries (*cough* Perl DBI *cough*) have parameterised syntax like WHERE Foo = ?; conversely some string format libraries (eg Python) allow WHERE Foo = {foo}. (Not that this should discourage anyone from using parameterised queries - the advantages still massively outweigh the disadvantages!)

psmears
– psmears

2023-03-08 10:27:20 +00:00
Commented Mar 8, 2023 at 10:27
2

@Matthieu M. Query plan caching depends on the RDBMS, and it might even have ill side effects. I gave a hunch that it was Oracle which will happily ignore the parameters (and the corresponding statistics) when it hits a parameterized query where the plan is already cached. A WHERE clause like "status = :status" might give a full table scan with :status = 'closed', while :status = 'open' uses an index (table has a few dozen rows with status 'open', billions with status 'closed'). Additional fun, like when a SORT BY is present, might use a suboptimal index. Using the same plan sucks.

Klaws
– Klaws

2023-03-08 12:17:41 +00:00
Commented Mar 8, 2023 at 12:17
1

@Klaws: There are indeed corner cases, in general though it's beneficial.

Matthieu M.
– Matthieu M.

2023-03-08 12:32:34 +00:00
Commented Mar 8, 2023 at 12:32

| Show 2 more comments

Correct minor typos or mistakes
Clarify meaning without changing it
Add related resources or links
Always respect the author’s intent
Don’t use edits to reply to the author

create code fences with backticks ` or tildes ~
```
like so
```
add language identifier to highlight code
```python
def function(foo):
print(foo)
```
put returns between paragraphs
for linebreak add 2 spaces at end
_italic_ or **bold**
indent code by 4 spaces
backtick escapes `like _so_`
quote by placing > at start of line
to make links (use https whenever possible)

<https://example.com>

[example](https://example.com)

<a href="https://example.com">example</a>

formatting help »
answering help »