-----------------------------------------------------------------------
Use FreeOpenSourceSoftwares, Stop piracy, Let the developers live. Get
a Free CD of Ubuntu mailed to your door without any cost. Visit :
www.ubuntu.com
----------------------------------------------------------------------
On Fri, Feb 27, 2009 at 3:20 AM, Hans Schultz <h.schultz78@xxxxxxxxx> wrote:
> I was thinking more of something to fail at compile time if possible :-)
>
> regarding second, that solution with sprintf is vulnerable to SQL
> injection, that is why I wanted something with parameters, instead of
> escaping everything myself
>
Well, you can use mysql_real_escape.. to avoid SQL injection possibilities.
And ofcourse give a try with the mysqli functions, prepared statements and
PDO. And with the frameworks you have less chance to do mistake.
>
> Thanks for your help anyway
>
> --- On *Thu, 2/26/09, 9el <lenin@xxxxxxxxxxxxx>* wrote:
>
> Is there in PHP something like "use strict" from perl? I find it pretty
> annoying to need to run script over and over again just to find out that I
> made typo in variable name.
> see error_reporting(E_ALL|E_STRICT); :)
>
>>
>> Is there some way for PHP to cache some data on the page? I like very much
>> PHP's speed but it would be even better to be able to cache some
>> frequently
>> used data from database?
>> Also regarding databases, I liked a lot java's way of sending data to
>> database
>> using parameters ("select * from user where username = ?" and then passing
>> parameter separately with database doing necessary escaping and
>> everything)..
>> Is there something like PHPDBC similar to JDBC?
>
>
> You can use sprintf("select * from `user` where `username`=%s",$user);
>
> Also you can look into the great frameworks of PHP like ZendFramework,
> CodeIgniter, CakePHP etc.
>
>>
>>
>> TIA,
>> Hans
>>
>>
>> --
>> Using Opera's revolutionary e-mail client: http://www.opera.com/mail/
>>
>> --
>> PHP General Mailing List (http://www.php.net/)
>> To unsubscribe, visit: http://www.php.net/unsub.php
>>
>>
>
>
