Things I have used prepared statements for:
1. SELECT
2. UPDATE
3. INSERT
4. DELETE
5. Stored procedures
Things I am aware of that prepared statements are not capable of doing:
What have you read that prepared statements can't do? I've not heard
of anything, nor have I encountered anything,
On Tue, 2009-07-14 at 01:52 -0400, Andrew Ballard wrote:
On Mon, Jul 13, 2009 at 4:18 PM, Haig Dedeyanhdede...@videotron.ca wrote:
for the phone #'s, I'm using int as the data type storing each part of the
phone # in its own cell,
When it gets displayed, I add a dash in between each part
Eddie Drapkin wrote:
Things I have used prepared statements for:
1. SELECT
2. UPDATE
3. INSERT
4. DELETE
5. Stored procedures
Things I am aware of that prepared statements are not capable of doing:
What have you read that prepared statements can't do? I've not heard
of anything, nor have I
On July 12, 2009 03:34:49 pm Haig Dedeyan wrote:
On Sat, 11 Jul 2009 21:26:36 -0400, Haig Dedeyan wrote:
On Sun, Jul 12, 2009 at 4:09 AM, Haig Dedeyan hdede...@videotron.ca
wrote:
mysql_query(INSERT INTO phonedir
(fname, lname) VALUES('$new_fname','$new_lname'))
or die(mysql_error());
On July 12, 2009 08:52:56 am Haig Dedeyan wrote:
At 6:39 PM -0400 7/11/09, Haig Dedeyan wrote:
[1]
mysql_query(INSERT INTO phonedir
(fname, lname) VALUES('$new_fname','$new_lname'))
or die(mysql_error());
or
[2]
mysql_query(INSERT INTO phonedir
(fname, lname)
At 8:50 PM +0530 7/12/09, Zareef Ahmed wrote:
On Sun, Jul 12, 2009 at 8:42 PM, tedd
mailto:tedd.sperl...@gmail.comtedd.sperl...@gmail.com wrote:
As with all communication, it's better to be clear than obtuse.
Agree, but I believe obtuse word meaning is contextual and depends :)
The word
At 3:53 PM -0400 7/12/09, Paul M Foster wrote:
On Sun, Jul 12, 2009 at 09:07:45AM -0400, tedd wrote:
snip
As for prepared statements, I'm no authority on them, but from what
I've read they are not going to be something I'll be practicing
anytime soon.
Aside from Stuart's comments about
On Monday 13 July 2009 14:31:09 tedd wrote:
At 3:53 PM -0400 7/12/09, Paul M Foster wrote:
On Sun, Jul 12, 2009 at 09:07:45AM -0400, tedd wrote:
snip
As for prepared statements, I'm no authority on them, but from what
I've read they are not going to be something I'll be practicing
On July 13, 2009 09:48:54 am Haig Dedeyan wrote:
On Monday 13 July 2009 14:31:09 tedd wrote:
At 3:53 PM -0400 7/12/09, Paul M Foster wrote:
On Sun, Jul 12, 2009 at 09:07:45AM -0400, tedd wrote:
snip
As for prepared statements, I'm no authority on them, but from what
I've read
On Mon, Jul 13, 2009 at 4:18 PM, Haig Dedeyanhdede...@videotron.ca wrote:
On July 13, 2009 09:48:54 am Haig Dedeyan wrote:
On Monday 13 July 2009 14:31:09 tedd wrote:
At 3:53 PM -0400 7/12/09, Paul M Foster wrote:
On Sun, Jul 12, 2009 at 09:07:45AM -0400, tedd wrote:
snip
As for
On Mon, 2009-07-13 at 16:30 -0400, Bastien Koert wrote:
On Mon, Jul 13, 2009 at 4:18 PM, Haig Dedeyanhdede...@videotron.ca wrote:
On July 13, 2009 09:48:54 am Haig Dedeyan wrote:
On Monday 13 July 2009 14:31:09 tedd wrote:
At 3:53 PM -0400 7/12/09, Paul M Foster wrote:
On Sun, Jul 12,
On Mon, Jul 13, 2009 at 5:52 PM, Ashley
Sheridana...@ashleysheridan.co.uk wrote:
On Mon, 2009-07-13 at 16:30 -0400, Bastien Koert wrote:
On Mon, Jul 13, 2009 at 4:18 PM, Haig Dedeyanhdede...@videotron.ca wrote:
On July 13, 2009 09:48:54 am Haig Dedeyan wrote:
On Monday 13 July 2009 14:31:09
tedd wrote:
At 3:53 PM -0400 7/12/09, Paul M Foster wrote:
On Sun, Jul 12, 2009 at 09:07:45AM -0400, tedd wrote:
snip
As for prepared statements, I'm no authority on them, but from what
I've read they are not going to be something I'll be practicing
anytime soon.
Aside from Stuart's
On Mon, Jul 13, 2009 at 4:18 PM, Haig Dedeyanhdede...@videotron.ca wrote:
for the phone #'s, I'm using int as the data type storing each part of the
phone # in its own cell,
When it gets displayed, I add a dash in between each part of the phone #'s
(country code-area code-1st set of
2009/7/12 Haig Dedeyan hdede...@videotron.ca
On July 11, 2009 08:21:34 pm Haig Dedeyan wrote:
On Sun, Jul 12, 2009 at 4:09 AM, Haig Dedeyan hdede...@videotron.ca
wrote:
On July 11, 2009 10:57:14 am Haig Dedeyan wrote:
At 10:12 PM -0400 7/10/09, Haig Dedeyan wrote:
[1]
At 6:39 PM -0400 7/11/09, Haig Dedeyan wrote:
[1]
mysql_query(INSERT INTO phonedir
(fname, lname) VALUES('$new_fname','$new_lname'))
or die(mysql_error());
or
[2]
mysql_query(INSERT INTO phonedir
(fname, lname)
Hi gang:
I am top posting only to show that the following post makes no sense
as to who said what.
At what point here Zareef, did you think you were helping anyone? Or
is this more of your I'm going to do whatever I want attitude?
I would hate to review code with such lack of forethought
At 9:26 PM -0400 7/11/09, Haig Dedeyan wrote:
@Tedd - I will be looking into prepared statements eventually but I
still want to understand escaping.
Haig:
I'm not the one pushing the prepared statements, that's someone else.
However, I can see how you might think that considering how
On Sun, Jul 12, 2009 at 6:32 PM, tedd tedd.sperl...@gmail.com wrote:
Hi gang:
I am top posting only to show that the following post makes no sense as to
who said what.
At what point here Zareef, did you think you were helping anyone? Or is
this more of your I'm going to do whatever I want
At 8:24 PM +0530 7/12/09, Zareef Ahmed wrote:
On Sun, Jul 12, 2009 at 6:32 PM, tedd
mailto:tedd.sperl...@gmail.comtedd.sperl...@gmail.com wrote:
Hi gang:
I am top posting only to show that the following post makes no sense
as to who said what.
At what point here Zareef, did you think you
On Sun, Jul 12, 2009 at 8:42 PM, tedd tedd.sperl...@gmail.com wrote:
At 8:24 PM +0530 7/12/09, Zareef Ahmed wrote:
On Sun, Jul 12, 2009 at 6:32 PM, tedd mailto:tedd.sperl...@gmail.com
tedd.sperl...@gmail.com wrote:
Hi gang:
I am top posting only to show that the following post makes no
On Sat, 11 Jul 2009 21:26:36 -0400, Haig Dedeyan wrote:
On Sun, Jul 12, 2009 at 4:09 AM, Haig Dedeyan hdede...@videotron.ca wrote:
mysql_query(INSERT INTO phonedir
(fname, lname) VALUES('$new_fname','$new_lname'))
or die(mysql_error());
I won;t be using 2x escapes but I just need to know
On Sun, Jul 12, 2009 at 09:07:45AM -0400, tedd wrote:
snip
As for prepared statements, I'm no authority on them, but from what
I've read they are not going to be something I'll be practicing
anytime soon.
Aside from Stuart's comments about slowness, what else have you read
that makes you
On Jul 10, 2009, at 10:12 PM, Haig Dedeyan hdede...@videotron.ca
wrote:
Hi everyone,
I'm starting to experiment with an edit form and I am seeing the
following
behaviour:
$fname = mysql_real_escape_string($fname);
$lname = mysql_real_escape_string($lname);
$sql = UPDATE phonedir
At 10:12 PM -0400 7/10/09, Haig Dedeyan wrote:
[1]
$fname = mysql_real_escape_string($fname);
$lname = mysql_real_escape_string($lname);
$sql = UPDATE phonedir SET fname = '$fname',lname = '$lname' WHERE id=$id;
$result = mysql_query($sql);
echo mysql_error() . \n;
This will result in the
On July 11, 2009 10:57:14 am Haig Dedeyan wrote:
At 10:12 PM -0400 7/10/09, Haig Dedeyan wrote:
[1]
$fname = mysql_real_escape_string($fname);
$lname = mysql_real_escape_string($lname);
$sql = UPDATE phonedir SET fname = '$fname',lname = '$lname' WHERE
id=$id; $result =
On Sat, Jul 11, 2009 at 6:39 PM, Haig Dedeyanhdede...@videotron.ca wrote:
On July 11, 2009 10:57:14 am Haig Dedeyan wrote:
At 10:12 PM -0400 7/10/09, Haig Dedeyan wrote:
[1]
$fname = mysql_real_escape_string($fname);
$lname = mysql_real_escape_string($lname);
$sql = UPDATE phonedir SET
2009/7/12 Eddie Drapkin oorza...@gmail.com:
No offense or anything, but all of this work you've done is
immediately mode obsolete the second you switch to prepared
statements. They're easier to use and more secure, as well as making
code more readable. I don't understand why it's so hard for
On Sun, Jul 12, 2009 at 4:09 AM, Haig Dedeyan hdede...@videotron.ca wrote:
On July 11, 2009 10:57:14 am Haig Dedeyan wrote:
At 10:12 PM -0400 7/10/09, Haig Dedeyan wrote:
[1]
$fname = mysql_real_escape_string($fname);
$lname = mysql_real_escape_string($lname);
$sql = UPDATE
On July 11, 2009 08:21:34 pm Haig Dedeyan wrote:
On Sun, Jul 12, 2009 at 4:09 AM, Haig Dedeyan hdede...@videotron.ca wrote:
On July 11, 2009 10:57:14 am Haig Dedeyan wrote:
At 10:12 PM -0400 7/10/09, Haig Dedeyan wrote:
[1]
$fname = mysql_real_escape_string($fname);
$lname =
Hi everyone,
I'm starting to experiment with an edit form and I am seeing the following
behaviour:
$fname = mysql_real_escape_string($fname);
$lname = mysql_real_escape_string($lname);
$sql = UPDATE phonedir SET fname = '$fname',lname = '$lname' WHERE id=$id;
$result = mysql_query($sql);
Haig Dedeyan wrote:
Hi everyone,
I'm starting to experiment with an edit form and I am seeing the following
behaviour:
$fname = mysql_real_escape_string($fname);
$lname = mysql_real_escape_string($lname);
$sql = UPDATE phonedir SET fname = '$fname',lname = '$lname' WHERE id=$id;
$result =
On July 10, 2009 11:26:04 pm Haig Dedeyan wrote:
Haig Dedeyan wrote:
Hi everyone,
I'm starting to experiment with an edit form and I am seeing the
following behaviour:
$fname = mysql_real_escape_string($fname);
$lname = mysql_real_escape_string($lname);
$sql = UPDATE phonedir
33 matches
Mail list logo