I'm personally using CI DB abstraction layer, also used zend_db, they both good but as Eric said, I think PDO is a better option. On Sat, Mar 7, 2009 at 7:34 PM, Eric Butera <eric.butera@xxxxxxxxx> wrote: > On Sat, Mar 7, 2009 at 8:04 AM, Michael A. Peters <mpeters@xxxxxxx> wrote: > > In some earlier thread (I really don't want to dig to find it) I argued > for > > running mysql_real_escape_string right on the _POST > > > > I must concede I was definitely wrong about that. > > > > The right place to do it is in a database abstraction class that does the > > actual insert for you, so that if you need to move your app to a > different > > DB backend you just need to add the proper support to your abstraction > class > > for the new DB. > > > > Let it take care of the escaping when it inserts. > > > > Anywhoo, that being said, does anyone have a suggestion for a good > database > > abstraction class? > > > > Preferably one that already has decent support for several open source > > databases? > > > > -- > > PHP General Mailing List (http://www.php.net/) > > To unsubscribe, visit: http://www.php.net/unsub.php > > > > > > PDO. :) Anything else is a waste of cpu cycles. > > > -- > http://www.voom.me | EFnet: #voom > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
