Use stored procedures and parameterized queries.
A parameterized query binds the value of the parameter before the query execution.
Note: This step is similar to creating a parameterized query in SQL.
Use parameterized queries.
Enabling parameterized queries in existing Rails applications.
Instead, use a parameterized query and assign user input to parameter objects.
Each Cognos report can contain parameters that can be used in parameterized queries.
A parameterized query returns data that meets the conditions of a WHERE clause within the query.
Use parameterized queries or stored procedures to access a database as opposed to using string concatenation.
Stored procedures are similar to parameterized queries in that they require you to define the SQL code first, then pass in the parameters later.
In order to take advantage of parameterized queries in Rails, you do not need to modify any of the code within the application. You just need to follow two simple steps to enable this new feature.
Parameterized queries require that you define all the SQL code and then pass in each parameter to the query later.
The good practice is to parameterize a query, which allows the query to be parsed or prepared only once, cached, and reused. So a better way to write the query is to use a named parameter
All of these can be condensed into a single parameterized query (also known as a prepared statement), as shown in Listing 2.
The key performance benefit of parameterized queries is that the optimizer can formulate an access path that can be reused over repeated executions of the statement.
To enable parameterized queries in a given application, specify the parameterized parameter. For instance.
A typical parameterized query uses these parameters instead of literal values, so that WHERE clause conditions can be changed at run time.
Data Driven Queries must specify the text of the parameterized query and identify any columns (in the associated columns collection) needed to fill in the parameters.
It's an excellent feature that's only available in DB2 9.7 and is one that should be activated if parameterized queries are not available for a given development framework.
Unlike most database applications, XPath does not support the concept of parameterized queries, but you can mimic the concept using other APIs such as XQuery.
The graph in Figure 1 shows the results obtained when testing a relatively heavy workload with and without parameterized queries enabled, as well as with the Statement Concentrator activated.
If this configuration parameter is not set, the ActiveRecord adapter for DB2 will continue to work as per the previous versions, without transforming regular queries into parameterized ones.
As you can see, enabling parameterized queries increased the database throughput by about 30-40% and even offered a 15-25% increase over enabling the Statement Concentrator.
This new edition of DB2 on Rails adds an extra layer of security, thanks to the fact that these "safe" calls are translated into parameterized queries, which are immune to SQL Injection attacks.
A reference to an XSLT verb mapping file, which translates the parameterized verbs into the plug-in specific staff query language.
This section describes the syntax of the XML snippet which is the input for the XSLT mapping step that transforms the pretty abstract parameterized verb into a set of plug-in specific staff queries.
You can also build parameterized statements and queries, which we will also examine below.
Defining the query parameters for a verb results in a parameterized verb embedded in the task model of your human task or business process module.
In Listing 11, parameterize your query by creating an external file that holds your query.
The real distinction between path components and query parameters is that between hierarchical versus unordered arguments.