Hello all:
I had a few questions.
First, I'm using php-fastcgi with nginx for my primary web server. I was
wondering what sorts of optimizations exist to make this process a lot
faster.
Second, I'm setting up a custom application, and it contains an
authentication module for login/registration. In doing this, I
discovered PDO (I used to just use the mysql_* functions). According to
google, it's easier to prevent mysql injection attacks with PDO, so I
dove in.
Before, I was using $pdo->exec("...");, but I read that I need to call
quote on the variables I'm passing in. It looks like that all quote does
is just add '...' on the variables, but I could be wrong.
So, here's my questions:
First, I know that prepared statements are immune to mysql injection
attacks, if I just use the variables with placeholders in the
statements. I know that caching these means that the optimization does
not have to be done every time, but is this the most efficient method
for adding a single user for registration? Or would a basic query be better.
Also, I had the idea of building up common queries and cacheing them,
but this isn't really possible since each php script (as far as I'm
aware) gets it's own process or environment. If I can build the prepared
statements and cache them, it seems like things would be a lot quicker.
Is this something commonly done?
--
Take care,
Ty
http://tds-solutions.net
The aspen project: a barebones light-weight mud engine:
http://code.google.com/p/aspenmud
He that will not reason is a bigot; he that cannot reason is a fool; he that
dares not reason is a slave.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
