Support server side prepared statements with PDO?

Question

Given something like

DB()->prepare(\"SELECT * FROM mysql.general_log WHERE user_host LIKE ?\");

$statement->execute( array(\'%console%\') );

foreach(         


        

Answer 1

By default, PDO_MYSQL emulates the prepared statements. To use the native server-side prepared statements, one should explicitely set

$PDO->setAttribute(PDO::ATTR_EMULATE_PREPARES,false);

Answer 2

Some PDO drivers don't support native prepared statements, so PDO performs emulation of the prepare. It also lets you manually enable this emulation.

Check the PDO::ATTR_EMULATE_PREPARES attribute. It's poorly documented in the current PDO manual. By poorly documented, I mean that it appears only in comments on the site, not in the manual itself.

Generally you want to use native prepared statements whenever possible. In the case of MySQL, if you are taking advantage of the query cache, you might actually want to disable native prepared statements in PDO! The MySQL manual has more information, but the short version is that versions prior to 5.1.17 don't run prepared statements through the query cache, and subsequent versions only use the query cache under certain specific (but common) conditions.

(Some people recommend turning off the query cache entirely. Using large cache sizes can actually be a major performance hit.)