On 30.10.2007, at 12:00, Johannes Schlüter wrote:
Ilia,
I don't think this is right. SQL operators shouldn't be part of a
parameter name imo.
I talked to Christopher Jones (of Oracle fame) and Lorenzo (MDB2
maintainer). Its clear that the only named parameter supporting
database I know does not support dash inside named parameters. Its
also dangerous since it means that whitespace typos could have
serious hard to spot issues.
I think a safe regexp for bound parameters would look something like:
/^[a-z0-9][a-z0-9_]{0,30}$/
regards,
Lukas
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
