spi_execute_with_args(3) [centos man page]

SPI_EXECUTE_WITH_ARGS(3)				  PostgreSQL 9.2.7 Documentation				  SPI_EXECUTE_WITH_ARGS(3)

NAME

       SPI_execute_with_args - execute a command with out-of-line parameters

SYNOPSIS

       int SPI_execute_with_args(const char *command,
				 int nargs, Oid *argtypes,
				 Datum *values, const char *nulls,
				 bool read_only, long count)

DESCRIPTION

       SPI_execute_with_args executes a command that might include references to externally supplied parameters. The command text refers to a
       parameter as $n, and the call specifies data types and values for each such symbol.  read_only and count have the same interpretation as in
       SPI_execute.

       The main advantage of this routine compared to SPI_execute is that data values can be inserted into the command without tedious
       quoting/escaping, and thus with much less risk of SQL-injection attacks.

       Similar results can be achieved with SPI_prepare followed by SPI_execute_plan; however, when using this function the query plan is always
       customized to the specific parameter values provided. For one-time query execution, this function should be preferred. If the same command
       is to be executed with many different parameters, either method might be faster, depending on the cost of re-planning versus the benefit of
       custom plans.

ARGUMENTS

       const char * command
	   command string

       int nargs
	   number of input parameters ($1, $2, etc.)

       Oid * argtypes
	   an array containing the OIDs of the data types of the parameters

       Datum * values
	   an array of actual parameter values

       const char * nulls
	   an array describing which parameters are null

	   If nulls is NULL then SPI_execute_with_args assumes that no parameters are null.

       bool read_only
	   true for read-only execution

       long count
	   maximum number of rows to return, or 0 for no limit

RETURN VALUE

       The return value is the same as for SPI_execute.

       SPI_processed and SPI_tuptable are set as in SPI_execute if successful.

PostgreSQL 9.2.7						    2014-02-17						  SPI_EXECUTE_WITH_ARGS(3)

PREPARE(7)						  PostgreSQL 9.2.7 Documentation						PREPARE(7)

NAME

       PREPARE - prepare a statement for execution

SYNOPSIS

       PREPARE name [ ( data_type [, ...] ) ] AS statement

DESCRIPTION

       PREPARE creates a prepared statement. A prepared statement is a server-side object that can be used to optimize performance. When the
       PREPARE statement is executed, the specified statement is parsed, analyzed, and rewritten. When an EXECUTE command is subsequently issued,
       the prepared statement is planned and executed. This division of labor avoids repetitive parse analysis work, while allowing the execution
       plan to depend on the specific parameter values supplied.

       Prepared statements can take parameters: values that are substituted into the statement when it is executed. When creating the prepared
       statement, refer to parameters by position, using $1, $2, etc. A corresponding list of parameter data types can optionally be specified.
       When a parameter's data type is not specified or is declared as unknown, the type is inferred from the context in which the parameter is
       used (if possible). When executing the statement, specify the actual values for these parameters in the EXECUTE statement. Refer to
       EXECUTE(7) for more information about that.

       Prepared statements only last for the duration of the current database session. When the session ends, the prepared statement is forgotten,
       so it must be recreated before being used again. This also means that a single prepared statement cannot be used by multiple simultaneous
       database clients; however, each client can create their own prepared statement to use. Prepared statements can be manually cleaned up using
       the DEALLOCATE(7) command.

       Prepared statements have the largest performance advantage when a single session is being used to execute a large number of similar
       statements. The performance difference will be particularly significant if the statements are complex to plan or rewrite, for example, if
       the query involves a join of many tables or requires the application of several rules. If the statement is relatively simple to plan and
       rewrite but relatively expensive to execute, the performance advantage of prepared statements will be less noticeable.

PARAMETERS

       name
	   An arbitrary name given to this particular prepared statement. It must be unique within a single session and is subsequently used to
	   execute or deallocate a previously prepared statement.

       data_type
	   The data type of a parameter to the prepared statement. If the data type of a particular parameter is unspecified or is specified as
	   unknown, it will be inferred from the context in which the parameter is used. To refer to the parameters in the prepared statement
	   itself, use $1, $2, etc.

       statement
	   Any SELECT, INSERT, UPDATE, DELETE, or VALUES statement.

NOTES

       If a prepared statement is executed enough times, the server may eventually decide to save and re-use a generic plan rather than
       re-planning each time. This will occur immediately if the prepared statement has no parameters; otherwise it occurs only if the generic
       plan appears to be not much more expensive than a plan that depends on specific parameter values. Typically, a generic plan will be
       selected only if the query's performance is estimated to be fairly insensitive to the specific parameter values supplied.

       To examine the query plan PostgreSQL is using for a prepared statement, use EXPLAIN(7). If a generic plan is in use, it will contain
       parameter symbols $n, while a custom plan will have the current actual parameter values substituted into it.

       For more information on query planning and the statistics collected by PostgreSQL for that purpose, see the ANALYZE(7) documentation.

       You can see all prepared statements available in the session by querying the pg_prepared_statements system view.

EXAMPLES

       Create a prepared statement for an INSERT statement, and then execute it:

	   PREPARE fooplan (int, text, bool, numeric) AS
	       INSERT INTO foo VALUES($1, $2, $3, $4);
	   EXECUTE fooplan(1, 'Hunter Valley', 't', 200.00);

       Create a prepared statement for a SELECT statement, and then execute it:

	   PREPARE usrrptplan (int) AS
	       SELECT * FROM users u, logs l WHERE u.usrid=$1 AND u.usrid=l.usrid
	       AND l.date = $2;
	   EXECUTE usrrptplan(1, current_date);

       Note that the data type of the second parameter is not specified, so it is inferred from the context in which $2 is used.

COMPATIBILITY

       The SQL standard includes a PREPARE statement, but it is only for use in embedded SQL. This version of the PREPARE statement also uses a
       somewhat different syntax.

SEE ALSO

       DEALLOCATE(7), EXECUTE(7)

PostgreSQL 9.2.7						    2014-02-17								PREPARE(7)