On Tue, Mar 29, 2011 at 11:25 PM, Brian Moon <[email protected]> wrote:
> As a PHP developer, may I say I think this is an oversimplification of the
> issue. The reality is that you can't stop people from writing bad SQL. Also,

No, but you can ensure the simple case is safe.

> there are times when more than just a where clause has to be built
> dynamically. So, you end up writing your own user space code to deal with
> this anyway. Don't complicate my life and make me have to do it in userspace
> and use a clunky function, class, hellhole (ie PDO mysql prepared syntax)
> bit of code on top of it for every single query I write.

That syntax sucks. Something like this is what I had in mind:

    drizzle_query("select name from users where user_id = ?", $_GET['user_id']);

> So, you can't stop people from writing bad SQL. You just can't. So, please
> don't make it suck for all the real developers out there that know how to
> write code.

This is about increasing the safety without any disadvantages.

Olaf
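
The following is an added example, not part of the original message and not Drizzle code. It shows a one-call placeholder helper of the shape sketched above next to string concatenation, and extends it to the dynamically built query raised in the quoted text. Assumptions: PDO with an in-memory SQLite database stands in for the server, and `query()` and `find_users()` are hypothetical helper names.

```php
<?php
// Added illustration; query() and find_users() are hypothetical helpers, not Drizzle API.
// Constructed sample data in an in-memory SQLite database so the script runs offline.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE users (user_id INTEGER PRIMARY KEY, name TEXT, role TEXT)");
$db->exec("INSERT INTO users VALUES (1,'alice','admin'), (2,'bob','user'), (3,'carol','user')");

// One-call helper: SQL text with ? placeholders, followed by the values.
function query(PDO $db, string $sql, ...$params): array {
    $stmt = $db->prepare($sql);
    $stmt->execute($params);   // values travel as bound parameters, never as SQL text
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Dynamic WHERE and ORDER BY: identifiers come from an allowlist, values stay bound.
function find_users(PDO $db, array $filters, string $order = 'user_id'): array {
    $columns = ['user_id', 'name', 'role'];   // only these names may reach the SQL text
    if (!in_array($order, $columns, true)) {
        throw new InvalidArgumentException("unknown sort column");
    }
    $where = [];
    $params = [];
    foreach ($filters as $col => $value) {
        if (!in_array($col, $columns, true)) {
            throw new InvalidArgumentException("unknown filter column");
        }
        $where[] = "$col = ?";
        $params[] = $value;
    }
    $sql = "SELECT name FROM users"
         . ($where ? " WHERE " . implode(" AND ", $where) : "")
         . " ORDER BY $order";
    return query($db, $sql, ...$params);
}

$input = "1 OR 1=1";   // constructed hostile value for user_id

// Concatenation: the input becomes part of the statement and changes its logic.
$unsafe = $db->query("SELECT name FROM users WHERE user_id = $input")->fetchAll();
echo "concatenated: ", count($unsafe), " rows\n";

// Placeholder: the same input is compared as one value against user_id.
$safe = query($db, "SELECT name FROM users WHERE user_id = ?", $input);
echo "bound: ", count($safe), " rows\n";

// Dynamically built query, still with bound values.
$rows = find_users($db, ['role' => 'user'], 'name');
echo "dynamic: ", implode(",", array_column($rows, 'name')), "\n";
```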