PreparedStatements and performance

by

The notion that prepared statements are primarily about performance is something of a misconception, although it’s quite a common one.

Another poster mentioned that he noted a speed improvement of about 20% in Oracle and SQL Server. I’ve noted a similar figure with MySQL. It turns out that parsing the query just isn’t such a significant part of the work involved. On a very busy database system, it’s also not clear that query parsing will affect overall throughput: overall, it’ll probably just be using up CPU time that would otherwise be idle while data was coming back from the disk.

So as a reason for using prepared statements, the protection against SQL injection attacks far outweighs the performance improvement. And if you’re not worried about SQL injection attacks, you probably should be…

More Related Contents:

  1. When should we use a PreparedStatement instead of a Statement?
  2. HQL joined query to eager fetch a large number of relationships
  3. Which one to use, int or Integer
  4. StringBuilder vs String concatenation in toString() in Java
  5. What are the effects of exceptions on performance in Java?
  6. Java Reflection Performance
  7. Efficient way to do batch INSERTS with JDBC
  8. Java: Insert multiple rows into MySQL with PreparedStatement
  9. If profiler is not the answer, what other choices do we have?
  10. proper hibernate annotation for byte[]
  11. H2 in-memory database. Table not found
  12. Java get available memory
  13. Java 8’s streams: why parallel stream is slower?
  14. Why do I need Transaction in Hibernate for read-only operations?
  15. ByteBuffer.allocate() vs. ByteBuffer.allocateDirect()
  16. What is more efficient: System.arraycopy or Arrays.copyOf?
  17. What is the easiest way to ignore a JPA field during persistence?
  18. Performance of JavaFx Gui vs Swing
  19. Java Method invocation vs using a variable
  20. Any recommended Java profiling tutorial? [closed]
  21. Which loop has better performance? Why?
  22. Performance penalty of String.intern()
  23. Android – Prevent white screen at startup
  24. Which of these pieces of code is faster in Java?
  25. How to simulate a DB for testing (Java)?
  26. Simple Java program 100 times slower after plugging in USB hotspot
  27. How can I convert seconds since the epoch to hours/minutes/seconds in Java?
  28. Java application profiling
  29. How can I profile my Android app? [closed]
  30. When to use JCR (content repository) over other options?

Leave a Comment