Re: Problem with mysql_real_escape_string

On Thu, Mar 5, 2009 at 1:47 PM, haliphax <haliphax@xxxxxxxxx> wrote:
> On Thu, Mar 5, 2009 at 11:41 AM, Eric Butera <eric.butera@xxxxxxxxx> wrote:
>> On Thu, Mar 5, 2009 at 12:21 PM, haliphax <haliphax@xxxxxxxxx> wrote:
>>> On Thu, Mar 5, 2009 at 11:08 AM, Eric Butera <eric.butera@xxxxxxxxx> wrote:
>>>> On Thu, Mar 5, 2009 at 12:00 PM, haliphax <haliphax@xxxxxxxxx> wrote:
>>>>> On Thu, Mar 5, 2009 at 10:52 AM, Eric Butera <eric.butera@xxxxxxxxx> wrote:
>>>>>> Make sure to always pass your active database connection into the
>>>>>> second parameter of mysql_real_escape_string.  There could be
>>>>>> character set differences between your two servers too that might be
>>>>>> causing issues for you.  If at all possible I would recommend
>>>>>> upgrading to mysqli or pdo and use prepared statements.
>>>>>
>>>>> mysqli may not be available to him (PHP4, etc.) and I don't see why he
>>>>> should completely switch his procedure if his code will work with the
>>>>> addition of the db handle in the function call... but that's my 2c. I
>>>>> agree that at some level, it is more beneficial to change all of the
>>>>> code you have to use a new method/construct/whatever, but it may not
>>>>> be worth it in his case.
>>>>
>>>> Using php4 is beyond irresponsible at this point.
>>>
>>> Nice quip, but it doesn't do any of us any good who are stuck with
>>> PHP4 due to the decisions of people with more clout in the
>>> organization than we (like perhaps the OP).
>>>
>>> :p
>>
>> We heard those arguments for years.  Using software with no security
>> patches is insane.
>
> I agree! However, there are a lot of insane people that are given the
> reins to decisions that are not the same people who program (and
> understand) the applications involved...
>
> :(
>
>
> --
> // Todd
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

I talked my company into doing it because of the new features that would
save time.  Show them simplexml and domdocument.  It's up to you to
make it happen.  But at this point it's completely abandoned.  That
should be good enough for anything that is getting active development
time.

-- 
http://www.voom.me | EFnet: #voom
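
The advice quoted at the top of this thread (keep the character set tied to the active connection, and prefer mysqli or PDO prepared statements), shown as an added example that is not code from any poster in the thread. The host, credentials, database, table and column names are placeholders, and utf8mb4 is an assumed character set.

```php
<?php
// Added example. Connection details and schema below are placeholders.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

$db = new mysqli('db.example.internal', 'app_user', 'app_password', 'app_db');

// Set the character set through the API rather than a "SET NAMES" query,
// so the client library (and any escaping it performs) knows the encoding
// in use on this connection. This removes the server-to-server charset
// difference mentioned in the thread.
$db->set_charset('utf8mb4');

/**
 * Look up users by name with a prepared statement. The value is sent
 * separately from the SQL text, so no escaping step is involved.
 */
function findUsersByName(mysqli $db, $name)
{
    $stmt = $db->prepare('SELECT id, name FROM users WHERE name = ?');
    $stmt->bind_param('s', $name);
    $stmt->execute();
    $stmt->bind_result($id, $foundName);

    $rows = array();
    while ($stmt->fetch()) {
        $rows[] = array('id' => $id, 'name' => $foundName);
    }
    $stmt->close();

    return $rows;
}

// Constructed input containing quote and comment characters.
$input = "O'Reilly\" OR 1=1 -- ";
$rows  = findUsersByName($db, $input);
printf("%d row(s) matched\n", count($rows));

// Where a query cannot be parameterised, the escaping call is bound to the
// same connection object, so it always uses that connection's charset.
$escaped = $db->real_escape_string($input);
$result  = $db->query("SELECT id FROM users WHERE name = '" . $escaped . "'");
printf("%d row(s) matched via escaping\n", $result->num_rows);

$db->close();
```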
