http://it.slashdot.org/it/06/07/19/1213201.shtml
Re:How difficult is it.
(Score:5, Informative) by aymanh (892834) on Wednesday July 19, @08:46AM (#15742526)
(http://aymanh.com/ | Last Journal: Wednesday July 19, @09:24AM)
(http://aymanh.com/ | Last Journal: Wednesday July 19, @09:24AM)
PHP doesn't force you to do that by hand, you can make use of the numerous database abstraction layers for PHP, like PDO [php.net] or PEAR::DB [php.net].
Here is an example, taken straight from PDO's page:
Here is an example, taken straight from PDO's page:
The framework is there, PHP developers need to make use of it, but sadly things like the following are still common:$stmt = $dbh->prepare("INSERT INTO REGISTRY (name, value) VALUES (:name,:value)");
$stmt->bindParam(':name', $name);
$stmt->bindParam(':value', $value);
$name = 'one';
$value = 1;
$stmt->execute();
mysql_query('SELECT value FROM REGISTRY WHERE name = "' . $name . '"');
No comments:
Post a Comment