FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » Prep. Statements only in mysql-i?
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: Prep. Statements only in mysql-i? [message #177641 is a reply to message #177640] Wed, 11 April 2012 23:16 Go to previous messageGo to previous message
Thomas 'PointedEars'  is currently offline  Thomas 'PointedEars'
Messages: 701
Registered: October 2010
Karma:
Senior Member
Alexandra Herzog wrote:

> I would like to change my homepage (php5, mysql) to use 'prepared
> statements'.
>
> Should I use the mysql-i object?

Yes, unless PDO is or can be made available.

> Or do 'prepared statements' also exist in the normal, plain old mysql
> object, which I know from php4 ?

No. RTFM: <http://php.net/manual/en/set.mysqlinfo.php>

> PDO seems to offer only database independance,

PDO offers much more, including an convenient API for prepared statements
and transactions. RTFM: <http://php.net/manual/en/intro.pdo.php>

Between mysqli and PDO, I have decided in favor of PDO primarily because on
top of several database drivers, PDOStatement::execute() allows to pass
parameters as an associative array without binding values to variables
first. Therefore, I have found PDO's to be a very suitable, sufficiently
flexible API for use in MVC-based frameworks, including mine. AFAIK, Zend
Framework uses PDO by default, too.

> but my hoster only offers mysql

Tough luck.

> and I don't intend to change that in the future (it's just a small
> homepage).

You will have to make a change if you want to use prepared statements and
thereby gain a minimum of Web application security.

BTW, there is also de.comp.lang.php, which (also?) has a FAQ.


PointedEars
--
Prototype.js was written by people who don't know javascript for people
who don't know javascript. People who don't know javascript are not
the best source of advice on designing systems that use javascript.
-- Richard Cornford, cljs, <f806at$ail$1$8300dec7(at)news(dot)demon(dot)co(dot)uk>
[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: Clean PDO-MySQL Statement
Next Topic: Getting date URLs and prev/next links working in Codeigniter
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Thu Nov 07 21:25:23 GMT 2024

Total time taken to generate the page: 0.05877 seconds