On Tue, 27 May 2014 10:48:06 -0400 Jared Smith <[email protected]> wrote:
> > Don't use PHP. ;-)
>
> I know you probably meant this to be tongue-in-cheek, but this problem
> isn't specific to PHP. It's just as easy to write bad SQL statements in
> Perl or Python or any other language that interacts with a database.

This is true. No language guarantees that you will write good code. Sanitized SQL queries are no exception.

That being said, from what I have seen (and, admittedly, not much) the PHP community has only recently started preaching a One Right Way (tm) to do it (PDO). For years, most newbie PHP programmers have learned or been taught the Bad way of doing it.

That's probably my biggest beef with PHP, in general: Most of the people writing code in PHP have no clue what the best practices are or should be. That's not the case with Perl, Python, Java, Ruby, etc. It's good that it's (slowly) changing for PHP.

--
Doran L. Barton <[email protected]> - Linux, Perl, Web, good fun, and more!
"Cesar inspired his men by stating, 'I came, I saw, I left.'"
-- Seen in a school report
