[vox-tech] BSD versus Linux (and SQL/PHP/magic quoting)
Troy Arnold
troy-vox at zenux.net
Sun Mar 20 12:12:14 PST 2005
On Fri, Mar 18, 2005 at 11:46:17AM -0800, Dylan Beaudette wrote:
> On Friday 18 March 2005 11:01 am, Ken Bloom wrote:
> [snip]
> > Does PHP not have ?-parameter substitution (so you can say
> > SELECT * FROM table WHERE stringattribute=?
> > and substitute the ? with a string that is properly quoted according to
> > the language conventions?
> [snip]
>
> Yes PHP does have something like this, but you must use the PEAR DB module. It
> takes only a couple of minutes to install, and PHP applications built with
> the PEAR DB interface will be database-vendor agnostic.
The new mysqli (Mysql Improved) extension in php5 supports bind params.
-troy
More information about the vox-tech
mailing list