Altrea wrote:No. I use prepared statements with every statement. You just don't speed up adding multiple rows, you add an amount of security to prevent SQL Injections.
Prepared statements do not speed up modern PCs at first. Maybe a slight advantage for 1 Million rows in a loop. The SQL Interpreter time is nearly zero in comparison to the physical input/output. At next, prepared statements conflicts badly with the idea of modern programming languages, as they are NOT part of the programming logic, but only for hardware and runtime optimizing. That is in fact bad practice and this kind of optimization *should* be done by the interpreter (or compiler), but NOT by the application programmer.
Last not least, SQL injections can be easily avoided even without prepared statements, mostly SQL injections are due to sluggish programmers.
I never ever used prepared statements and i will never do so.