ctx2002 wrote:
is there a way to avoid use PDO prepared statment for execute a sql statement?
because most of time,our sql statements only be executed one time.
No, the current design of Zend_Db is to prepare all SQL statements.
Executing a statement multiple times is not the only reason to use prepared statements. It also allows you to submit parameters at statement execute-time, with no need to escape the value. This makes it simpler and safer to use application variables in SQL queries, avoiding SQL injection vulnerabilities.
Some people have claimed that prepared statements introduce overhead and are less efficient for SQL statements you only need to execute once. However, I've never seen this claim supported by evidence.
Ulf Wendel of Sun/MySQL recently posted a pretty thorough performance test:
http://blog.ulf-wendel.de/?p=187He showed no more than 10% overhead caused by prepared statements, and that only when used improperly. His conclusion is that prepared statements should continue to be recommended as a best practice.
If you really need to execute non-prepared statements, Zend_Db provides the getConnection() method as a workaround, which returns a resource for the database connection used by the underlying PHP extension. For instance, this is necessary to run statements that are incompatible with being prepared, such as DDL statements in older versions of MySQL (but running DDL statements is not what Zend_Db was designed for).
See
http://framework.zend.com/manual/en/zend.db.html#zend.db.adapter.other-statements for examples of using getConnection().
Regards,
Bill Karwin
