[nycphp-talk] Re: New PHundamentals Article
Jeff Siegel
jsiegel1 at optonline.net
Tue Jan 6 13:30:52 EST 2004
Change was made.
David Mintz wrote:
>
> DB::quote() (and I quote) "[q]uotes a string database-dependent, so it can
> be safely used in a query." They mean, it quotes it correctly for the
> backend db that you connected to when you called connect() and got a $db
> object. They further say the currently supported database backends are
> MySQL, PostgreSQL, InterBase, Mini SQL, Microsoft SQL Server, Oracle
> 7/8/8i, ODBC (Open Database Connectivity), SyBase, Informix, FrontBase.
>
> prepare() and execute() perform more or less comparably to their
> counterparts in JDBC and Perl DBI.
> http://pear.php.net/manual/en/package.database.db.intro-execute.php
>
> On Tue, 6 Jan 2004, Jeff Siegel wrote:
>
>
>>P.S. Since I don't use PEAR, the question is, which one of the functions
>>are used for escaping data? All three? Since the major focus is on
>>MySQL, is there one that is MySQL-specific?
>>
>>David Mintz wrote:
>>
>>
>>>If the comment period isn't over yet, I have $.02.
>>>
>>>You might mention that if you happen to be using PEAR DB library, you
>>>might as well use quote(), or prepare() and execute(), which take care of
>>>correctly quoting the values represented by ? in parameterized SQL
>>>statements.
>>>
>>>
>>>---
>>>David Mintz
>>>http://davidmintz.org/
>>>
>>> "Anybody else got a problem with Webistics?" -- Sopranos 24:17
>
> _______________________________________________
> talk mailing list
> talk at lists.nyphp.org
> http://lists.nyphp.org/mailman/listinfo/talk
>
--
Found on the Simpson's Website:
"Ooooooh, they have the internet on computers now!"
More information about the talk
mailing list