I think prepared statements could help our performance, especially by eliminating the parse/optimizer step since we execute thousands of queries of the same structure but different values.
Server-side prepared statements are useful for:
- Optimizing queries. HP Vertica only needs to parse the statement once.
- Preventing SQL injection attacks. A SQL injection attack occurs when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly run. Since a prepared statement is parsed separately from the input data, there is no chance the data can be accidentally executed by the database.
- Binding direct variables to return columns. By pointing to data structures, the code doesn't have to perform extra transformations.
I am happy to merge support for prepared statements, but I am not working on this library myself anymore.
FWIW, if preventing SQL injection is what you are after: it's also possible to do parameterization of queries client-side, without implementing prepared statements, which is a lot more work.
https://my.vertica.com/docs/7.1.x/HTML/Content/Authoring/ConnectingToHPVertica/ClientDriverMisc/UsingPreparedStatements.htm
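The client-side parameterization mentioned in the reply above, sketched in Python as an added example (not code from this library or from anyone in the thread). `quote_literal` and `bind` are hypothetical names, and the string handling assumes the server does not treat backslash as an escape character in ordinary string literals.

```python
import math
from decimal import Decimal


def quote_literal(value):
    """Render one value as a SQL literal, dispatching strictly on its type."""
    if value is None:
        return "NULL"
    if isinstance(value, bool):  # test before int: bool is an int subclass
        return "TRUE" if value else "FALSE"
    if isinstance(value, (int, float, Decimal)):
        if not isinstance(value, int) and not math.isfinite(value):
            raise ValueError("non-finite number")
        text = repr(value) if isinstance(value, float) else str(value)
        # Parenthesise negatives so "x-?" cannot turn into the comment marker "--".
        return f"({text})" if text.startswith("-") else text
    if isinstance(value, str):
        if "\x00" in value:
            raise ValueError("NUL byte in string parameter")
        # Assumption: backslash is literal, so doubling ' is the only escaping needed.
        return "'" + value.replace("'", "''") + "'"
    # Anything else (lists, dicts, bytes, ...) is refused rather than stringified.
    raise TypeError(f"unsupported parameter type: {type(value).__name__}")


def bind(sql, params):
    """Replace each ? outside quoted text in a trusted template with a literal."""
    out, remaining, quote = [], list(params), None
    for ch in sql:
        if quote:  # inside '...' or "...": copy verbatim, ? is not a placeholder
            if ch == quote:
                quote = None
            out.append(ch)
        elif ch in ("'", '"'):
            quote = ch
            out.append(ch)
        elif ch == "?":
            if not remaining:
                raise ValueError("more placeholders than parameters")
            out.append(quote_literal(remaining.pop(0)))
        else:
            out.append(ch)
    if remaining:
        raise ValueError("more parameters than placeholders")
    return "".join(out)
```

Unlike a server-side prepared statement, this still sends a complete statement that the server parses on every execution, so it addresses injection but not the parse cost raised in the issue.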