On Mon, 2007-02-05 at 22:00 +0100, Keryx Web wrote: > Eric Gorr skrev: > > I haven't tracked this particular issue, but I know when PHP5 was first > > released is wasn't recommended in a commercial/production environment. > > However, a lot of time has passed and we're at v5.2 now...have things > > changed? Have Google&Yahoo, for example, moved to PHP5? Or is PHP4 still > > the recommendation for such environments? > > My two cents: Any modern PHP-app should use prepared statements for > efficiency and security. PEAR-DB and some other PHP 4 workable > abstraction layers can emulate this, but it's only in PHP 5 you get the > real thing, with mysqli or PDO, or a PHP class that's built on top of > such an interface. > > To me, that's the must have feature of PHP 5 I can't be without. Nor do > I think one could call him-/herself professional still doing old school > mysql-interface calls to the DBMS. I sincerely question the competence of someone who advocates a one size fits all approach to programming. There are many reasons why a developer may work with the old-school interface calls. For instance they may be supporting an old school application. They might be writing their own abstract layer. They might be optimizing an extremely loaded system whereby explicitly using the API calls improves speed. Prepared statements only improve speed when making multiple queries to the database having the same format. They slow things down when making unique queries. Any developer worth his salt doesn't need prepared statements to improve security, and assuming prepared statements will protect you is silly since they cannot protect against everything. A professional knows when to use any given approach given the environment and requirements. Cheers, Rob. -- .------------------------------------------------------------. | InterJinn Application Framework - http://www.interjinn.com | :------------------------------------------------------------: | An application and templating framework for PHP. Boasting | | a powerful, scalable system for accessing system services | | such as forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `------------------------------------------------------------' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
