On 07/10/2011 12:03 PM, Philip Olson wrote:
Greetings PHP geeks,
Don't panic! This is not a proposal to add errors or remove this popular
extension. Not yet anyway, because it's too popular to do that now.
The documentation team is discussing the database security situation, and
educating users to move away from the commonly used ext/mysql extension is part
of this.
This proposal only deals with education, and requests permission to officially
convince people to stop using this old extension. This means:
- Add notes that refer to it as deprecated
- Recommend and link alternatives
- Include examples of alternatives
There are two alternative extensions: pdo_mysql and mysqli, with PDO being the
PHP way and main focus of future endeavors. Right? Please don't digress into
the PDO v2 fiasco here.
What this means to ext/mysql:
- Softly deprecate ext/mysql with education (docs) starting today
- Not adding E_DEPRECATED errors in 5.4, but revisit for 5.5/6.0
- Add pdo_mysql examples within the ext/mysql docs that mimic the current
examples, but occasionally introduce features like prepared statements
- Focus energy on cleaning up the pdo_mysql and mysqli documentation
- Create a general "The MySQL situation" document that explains the situation
The PHP community has been recommending alternatives for several years now, so
hopefully this won't be a new concept or shock to most users.
Regards,
Philip
A-frickin'-men! :-)
Just today I was talking to a new developer in #PHP in IRC who had code
with mysql_* calls in it. I don't know where he found them, but I told
him to put them back where he found them right away and use PDO
instead. That people are still learning ext/mysql in this day and age
is quite sad.
There's millions of lines of code out there we can't break yet, but we
can absolutely structure documentation so that we don't produce even
more PHP developers who mistakenly think that mysql_query() is a good idea.
+1
--Larry Garfield
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
