FUDforum: comp.lang.php » Sanitising input

Home » Imported messages » comp.lang.php » Sanitising input

Show: Today's Messages :: Polls :: Message Navigator

Re: Sanitising input [message #172122 is a reply to message #172120]

Mon, 31 January 2011 05:38

Ross McKay
Messages: 14
Registered: January 2011

Karma:

Junior Member

On Mon, 31 Jan 2011 00:10:00 -0500, Jerry Stuckle wrote:

> About 4 months ago. PDO is still slower. It has to use the same mysql_
> functions that PHP uses - it just adds an additional layer before
> calling them. I got a significant performance increase simply by
> dropping PDO in favor of native calls.

Sounds like you must have had poor PDO code, and rather than fix it, you
replaced it with good mysql_* code. Others do not find significant
performance increases. But go ahead, blame PDO instead of your ability
to use PDO correctly :)

>> But minimal overhead, compared with the actual database statement
>> execution.
>
> An overly broad statement which is not at all absolutely true. The
> overhead of the bound parameters may easily exceed that of an efficient
> statement execution. And whether the overhead is minimal or not - it is
> still added overhead.

Sure, broad... but typical. There are always cases where optimisation
finds a better way. I have yet to be seriously hamstrung by using PDO
over mysql_* or pg_*.

>> First crawl, then walk, then run. I'd rather the OP got to running with
>> two intact feet. Then they can determine the best way. ITMT, their
>> question has been well answered by several posters now, and they get to
>> pick their path.
>
> Yes, and I've found in over 20 years of corporate programmer training

Appeal to accomplishment -- noted. Shall we measure, or will you accept
that I have one too?

> that it's best to teach the lower level stuff first, along with the
> gotchas and restrictions. That way the programmer better *understands*
> the process - and can make more informed decisions.
>
> I've seen people who always try to take the quick and easy way out. It
> works for a while - but eventually it comes back to bit them every time.
> That's why I was able to make several thousand dollars converting the
> site from PDO to native calls - the guy who first wrote it thought PDO
> was the slickest thing since snot on a doorknob and couldn't be beat.
> Well, he was wrong, and unfortunately it cost the customer.

Again, sounds like some bad PDO code that could have been written better
but you (over?) charged the customer to convert vast tracts of it from
PDO to mysql_* because... you don't know enough about PDO?

As for snot on door knobs, I've yet to find a database interface that
I'm entirely satisfied with, and PDO leaves a lot to be desired (e.g.
only has parameter bindings for string, int, boolean, null and blob).
But I certainly wouldn't teach a new hire to use different and sometimes
conflicting interfaces for different databases when there is a somewhat
unified one at hand, especially when its performance is near native.

>> Optimise last!
>
> UNDERSTAND FIRST!

Perhaps you should try that one too :)
--
Ross McKay, Toronto, NSW Australia
"If ye cannae see the bottom, dinnae complain if ye droon"
- The Wee Book of Calvin

Report message to a moderator

[Message index]

		Sanitising input By: Mad Hatter on Sun, 30 January 2011 14:09
		Re: Sanitising input By: Michael Fesser on Sun, 30 January 2011 15:00
		Re: Sanitising input By: Denis McMahon on Sun, 30 January 2011 16:35
		Re: Sanitising input By: Norman Peelman on Mon, 31 January 2011 01:17
		Re: Sanitising input By: Captain Paralytic on Mon, 31 January 2011 11:51
		Re: Sanitising input By: Norman Peelman on Mon, 31 January 2011 23:39
		Re: Sanitising input By: Denis McMahon on Tue, 01 February 2011 00:53
		Re: Sanitising input By: Norman Peelman on Tue, 01 February 2011 11:26
		Re: Sanitising input By: Denis McMahon on Mon, 31 January 2011 12:05
		Re: Sanitising input By: P E Schoen on Sun, 30 January 2011 19:47
		Re: Sanitising input By: Felix Saphir on Sun, 30 January 2011 19:55
		Re: Sanitising input By: Ross McKay on Sun, 30 January 2011 21:39
		Re: Sanitising input By: Jerry Stuckle on Sun, 30 January 2011 21:50
		Re: Sanitising input By: Ross McKay on Mon, 31 January 2011 03:43
		Re: Sanitising input By: Jerry Stuckle on Mon, 31 January 2011 04:12
		Re: Sanitising input By: Ross McKay on Mon, 31 January 2011 05:01
		Re: Sanitising input By: Jerry Stuckle on Mon, 31 January 2011 05:10
		Re: Sanitising input By: Ross McKay on Mon, 31 January 2011 05:38
		Re: Sanitising input By: Jerry Stuckle on Mon, 31 January 2011 12:51
		Re: Sanitising input By: Sherm Pendley on Sun, 30 January 2011 22:18
		Re: Sanitising input By: Ross McKay on Mon, 31 January 2011 03:52
		Re: Sanitising input By: Sherm Pendley on Mon, 31 January 2011 05:23

Previous Topic:	Only SPAM!!!
Next Topic:	What tasks are hard for PHP?

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

]

Current Time: Sat Nov 23 05:28:48 GMT 2024

Total time taken to generate the page: 0.04672 seconds