[nycphp-talk] Re: New PHundamentals Article
Dan Cech
dcech at phpwerx.net
Tue Jan 6 12:39:09 EST 2004
In PEAR the closest 'equivalent' is probably quote (), the other 2
functions are much more powerful tools.
The same goes for ADODB, you can use qstr () or the PEAR compatible
quote ().
One thing to note about these functions is that they will not only
escape the strings but will quote them as well.
The beauty of them is that they are smart enough to determine what needs
to be done for the particular database, so you don't need to worry about
them being MySQL/PostgreSQL/etc specific.
Dan
Jeff Siegel wrote:
> Sorry...comment period ended 5 minutes ago. ;)
>
> Jeff
> P.S. Since I don't use PEAR, the question is, which one of the functions
> are used for escaping data? All three? Since the major focus is on
> MySQL, is there one that is MySQL-specific?
>
> David Mintz wrote:
>
>> If the comment period isn't over yet, I have $.02.
>>
>> You might mention that if you happen to be using PEAR DB library, you
>> might as well use quote(), or prepare() and execute(), which take care of
>> correctly quoting the values represented by ? in parameterized SQL
>> statements.
>>
>>
>> ---
>> David Mintz
>> http://davidmintz.org/
>>
>> "Anybody else got a problem with Webistics?" -- Sopranos 24:17
>> _______________________________________________
>> talk mailing list
>> talk at lists.nyphp.org
>> http://lists.nyphp.org/mailman/listinfo/talk
>>
>
More information about the talk
mailing list