[nycphp-talk] "mysqli_real_escape_string" = clueless
Allen Shaw
ashaw at polymerdb.org
Thu Jun 25 19:33:05 EDT 2009
a.k.a. prepared statements?
Okay, got it. Thanks much for the clue. Got some reading to do now...
- A.
Eddie Drapkin wrote:
> parameterized queries!
>
> On Thu, Jun 25, 2009 at 6:39 PM, Allen Shaw<ashaw at polymerdb.org> wrote:
>
>> John Campbell wrote:
>>
>>> if I ever see "mysqli_real_escape_string" in someone's code, I immediately
>>> write the
>>> person off as clueless.
>>>
>>>
>> Clearly you're working a few levels above where I am, which is not saying
>> much, to be fair.
>>
>> What techniques are we talking about here that make this function obsolete?
>>
>> Thanks,
>> Allen
>>
>> --
>> Allen Shaw
>> slidePresenter (http://slides.sourceforge.net)
>>
>> _______________________________________________
>> New York PHP User Group Community Talk Mailing List
>> http://lists.nyphp.org/mailman/listinfo/talk
>>
>> http://www.nyphp.org/show_participation.php
>>
>>
> _______________________________________________
> New York PHP User Group Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> http://www.nyphp.org/show_participation.php
>
--
Allen Shaw
slidePresenter (http://slides.sourceforge.net)
More information about the talk
mailing list