1) You're not stupid 2) You're not too old to accomplish what you want to accomplish. A couple of good books (preferably fairly short ones) by people who know what they're talking about *and* know how to write should help a great deal. Like you, I cut my programming teeth in BASIC stored on cassette tape. My php skills are out of date, (probably of the same vintage as yours), or I'd be able to recommend specific titles. I'm sure the good people here can help you out with that. I began studying programming seriously an about age 45. I'm 60 now and always learning new things. OOP is not rocket science (until you begin programming rockets); and I've had enough exposure to mysqli and PDO and all the rest of the stuff you mentioned to know they're learnable too. Learning new and challenging stuff *should* make your head hurt, sometimes. (Not your eyes bleed, though; you might want to check that out :-) ). IMO, it's worth the temporary suffering for the joy it brings when it all starts to make sense. So, to make a long story a headache (as my father used to say), being past 50 does change the *way* you learn. But it doesn't rob you of the *ability* to learn. Get a couple of good books. Give yourself a break. Take a day off now and then. And keep in mind the fable of the old bull and the young bull. Enjoy! On Mon, Jul 8, 2013 at 5:02 AM, Kris <ellsinore@xxxxxxxxx> wrote: > All of my PHP/MySQL stuff was done years ago, and I used "good > practices" at the time. Things have changed, and it's past time to > get up to speed on mysqli, PDO, sessions, etc. All my projects to > date have been private, hobby things that "outsiders" didn't have > access to. That's about to change -- well, if I can ever get this > stuff figured out. > > I've been digging around on the web for several weeks now, and I don't > feel like I've made much in the way of progress as regards prepared > statements and mysqli and SQL injection and PDO and XSS attacks and > OOP -- did manage to get a handle on full-text search, sessions, and > sanitizing and validating user input, though. ;-) > > But mostly I feel like I'm just going around in circles. Every time I > think, "Okay, I'm going to do it THIS way!" I run into a problem, > Google for the solution, and find lots of different solutions, or > problems, relating to things that I thought I had already resolved. > > Lots of RTFM hours invested, but still unsure about where to go from > here. > > I've tried to figure out OOP a few times in the past, and it just > makes my eyes bleed and my brain hurt. I can't seem to grasp it at > all. I'm pretty sure I'm not stupid -- maybe it's because I stored my > first BASIC program on a cassette tape? > > But . . . PDO is OOP? And mysqli is OOP or procedural -- but PDO is > the better solution? Either way, I just can't figure out how to > convert some of my mysql queries to either one. > > I found, of course, oodles of info on the web. I check dates to make > sure it's current, but they're sneaky -- one tutorial I found from > 2012 seemed pretty good until the author recommended using > mysql_real_escape_string, and even *I* knew that wasn't right -- > getting rid of that usage is one of the reasons I started digging > around in the first place. Reading down through the comments, I found > it was a re-post of a 2006 article, but, interestingly enough, while > they discussed several other recommendations, not a single commenter > mentioned the mysql_real_escape_string issue. > > I know how to Google -- but I can't always tell if what I'm finding is > really "it" or just another load of . . . misinformation. Who are the > REAL authorities on this stuff? I like books, too, since I don't want > to spend all my time in front of a screen -- but the expense would > require limiting them to just one or two -- I want to get the "right" > ones. > > -- > PHP Database Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php