On Wed, Jun 06, 2007 at 05:56:44PM -0700, Peter Rosenthal wrote: > On 04/06/07, Jon Ribbens <[EMAIL PROTECTED]> wrote: > >Um, what? Both that and the methods described in the magazine are > >completely wrong. You use mysql_real_ecape_string(), that's it. > > I would disagree on the use of mysql_real_escape_string(). The use of > placeholders is much safer from a maintenance and 'oops look I typoed it' > perspective.
That's not a disagreement - you're just talking about a different abstraction layer. Behind the scenes your 'placeholder' API will be using mysql_real_escape_string(). -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
