Hello all:
I had a few questions.
First, I'm using php-fastcgi with nginx for my primary web server. I was wondering what sorts of optimizations exist to make this process a lot faster. Second, I'm setting up a custom application, and it contains an authentication module for login/registration. In doing this, I discovered PDO (I used to just use the mysql_* functions). According to google, it's easier to prevent mysql injection attacks with PDO, so I dove in. Before, I was using $pdo->exec("...");, but I read that I need to call quote on the variables I'm passing in. It looks like that all quote does is just add '...' on the variables, but I could be wrong.
So, here's my questions:
First, I know that prepared statements are immune to mysql injection attacks, if I just use the variables with placeholders in the statements. I know that caching these means that the optimization does not have to be done every time, but is this the most efficient method for adding a single user for registration? Or would a basic query be better. Also, I had the idea of building up common queries and cacheing them, but this isn't really possible since each php script (as far as I'm aware) gets it's own process or environment. If I can build the prepared statements and cache them, it seems like things would be a lot quicker. Is this something commonly done?


--
Take care,
Ty
http://tds-solutions.net
The aspen project: a barebones light-weight mud engine:
http://code.google.com/p/aspenmud
He that will not reason is a bigot; he that cannot reason is a fool; he that 
dares not reason is a slave.


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to