Parameterized Query without Prepared Statements and PgBouncer

0 votes
2 answers
794 views
My app is written in Go and I use PgBouncer as a connection pool to my Postgres database. One downside of PgBouncer, in transaction mode, is that I can't use prepared statements. So I have 2 options: using session mode (which is bad) or disabling prepared statements from clients. Is it safe (SQL injection) to not use prepared statements and use only parameterized queries (e.g. (Select item from products where id = ?, itemID))?
Asked by Bill (29 rep)
Jun 5, 2022, 11:44 AM
Last activity: Nov 27, 2024, 01:00 AM
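
Added example, not part of the original post: a sketch of how the PostgreSQL wire protocol carries a parameterized query through the unnamed statement, next to a simple query built by string concatenation. The function names are hypothetical, the input value is constructed, Execute and Sync are left out, and the placeholder is written as `$1` (PostgreSQL's syntax) instead of `?`.

```go
package main

import (
	"bytes"
	"encoding/binary"
	"fmt"
)

func u16(b *bytes.Buffer, n int)     { binary.Write(b, binary.BigEndian, uint16(n)) }
func u32(b *bytes.Buffer, n int)     { binary.Write(b, binary.BigEndian, uint32(n)) }
func cstr(b *bytes.Buffer, s string) { b.WriteString(s); b.WriteByte(0) }

// frame wraps a body as: type byte, int32 length (counts itself), body.
func frame(typ byte, body []byte) []byte {
	out := bytes.NewBuffer([]byte{typ})
	u32(out, len(body)+4)
	return append(out.Bytes(), body...)
}

// SimpleQuery builds a 'Q' message: any value is already part of the SQL text.
func SimpleQuery(sql string) []byte { return frame('Q', append([]byte(sql), 0)) }

// Parse builds a 'P' message for the unnamed statement (empty name).
func Parse(sql string) []byte {
	var b bytes.Buffer
	cstr(&b, "")  // statement name: empty means unnamed
	cstr(&b, sql) // SQL text, placeholders only
	u16(&b, 0)    // no parameter type OIDs; the server infers them
	return frame('P', b.Bytes())
}

// Bind builds a 'B' message: values travel as length-prefixed data, not SQL.
func Bind(params ...string) []byte {
	var b bytes.Buffer
	cstr(&b, "") // portal name: unnamed
	cstr(&b, "") // statement name: unnamed
	u16(&b, 0)   // zero format codes: all parameters in text format
	u16(&b, len(params))
	for _, p := range params {
		u32(&b, len(p))
		b.WriteString(p)
	}
	u16(&b, 0) // zero result format codes: text results
	return frame('B', b.Bytes())
}

func main() {
	itemID := "1 OR 1=1" // constructed hostile input
	fmt.Printf("%q\n%q\n%q\n", SimpleQuery("SELECT item FROM products WHERE id = "+itemID), Parse("SELECT item FROM products WHERE id = $1"), Bind(itemID))
}
```

In the output the input appears inside the SQL text only in the `Q` message; in the parameterized form it appears only in `B`, after a 4-byte length. Whether a given Go driver sends this form when its prepared statements are disabled depends on the driver and its settings.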