On Wed, 6 Apr 2022 at 17:38, Craig Francis <cr...@craigfrancis.co.uk> wrote:
> Kamil has been working on a proof of concept for a > `mysqli_execute_query($sql, $params)` function, and I've written up a draft > RFC for it: > > https://wiki.php.net/rfc/mysqli_execute_query > > It's continuing the work Kamil has done with the "mysqli bind in execute" > RFC [1], to make parameterised MySQLi queries even easier, by creating a > single function that takes the SQL and Parameters and > returns mysqli_result|false. > > While this can be implemented in userland, the focus is on trying to make > parameterised queries as easy as possible, so developers are less less > likely to use risky escaping. > Just officially Introducing and putting this RFC in the "Under Discussion" phase. Craig