Re: [nyphp-talk] "mysqli_real_escape_string" = clueless

Allen Shaw Thu, 25 Jun 2009 16:33:24 -0700

a.k.a. prepared statements?

Okay, got it.  Thanks much for the clue.  Got some reading to do now...


- A.

Eddie Drapkin wrote:

parameterized queries!

On Thu, Jun 25, 2009 at 6:39 PM, Allen Shaw<as...@polymerdb.org> wrote:

John Campbell wrote:

if I ever see "mysqli_real_escape_string" in someone's code, I immediately
write the
person off as clueless.

Clearly you're working a few levels above where I am, which is not saying
much, to be fair.

What techniques are we talking about here that make this function obsolete?

Thanks,
Allen

--
Allen Shaw
slidePresenter (http://slides.sourceforge.net)

_______________________________________________
New York PHP User Group Community Talk Mailing List
http://lists.nyphp.org/mailman/listinfo/talk

http://www.nyphp.org/show_participation.php

_______________________________________________
New York PHP User Group Community Talk Mailing List
http://lists.nyphp.org/mailman/listinfo/talk

http://www.nyphp.org/show_participation.php



--
Allen Shaw
slidePresenter (http://slides.sourceforge.net)

_______________________________________________
New York PHP User Group Community Talk Mailing List
http://lists.nyphp.org/mailman/listinfo/talk

http://www.nyphp.org/show_participation.php

Re: [nyphp-talk] "mysqli_real_escape_string" = clueless

Reply via email to