Old 09-21-2010, 08:56 AM  
Zyber
Confirmed User
Join Date: Aug 2001
Posts: 832
A safer practice is to use parameterized SQL queries. It also has performance benefits.

The negative thing is that it makes your code more complex, and thus less pretty.

See example here (note MySQLi and not MySQL)
http://www.php.net/manual/en/mysqli.prepare.php
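To make the point of the post concrete, here is an added example (not from the post or the linked PHP manual page) that puts a string-built query next to a parameterized one and runs the classic `' OR '1'='1` payload through both. It is written in Python against an in-memory SQLite table rather than PHP/mysqli so that it runs offline; the table, the two users and the payload are constructed for the example, and the parameter placeholders play the same role as the `?` markers in `mysqli_prepare` / `bind_param`.

```python
import sqlite3

# Constructed sample data: an in-memory SQLite database standing in for the
# MySQL tables a PHP application would reach through mysqli (assumption).
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (username, password) VALUES (?, ?)",
        [("alice", "s3cret"), ("bob", "hunter2")],
    )
    conn.commit()
    return conn


def login_unsafe(conn, username, password):
    # VULNERABLE on purpose: user input is spliced into the SQL text, so the
    # input can change the structure of the query, not just its values.
    sql = (
        "SELECT username FROM users WHERE username = '%s' AND password = '%s' "
        "ORDER BY username" % (username, password)
    )
    return [row[0] for row in conn.execute(sql)]


def login_safe(conn, username, password):
    # Parameterized: the SQL text is fixed and parsed once; the values are
    # handed to the engine separately and are never interpreted as SQL.
    sql = (
        "SELECT username FROM users WHERE username = ? AND password = ? "
        "ORDER BY username"
    )
    return [row[0] for row in conn.execute(sql, (username, password))]


# Constructed attacker input: turns the WHERE clause into
#   username = 'alice' AND password = '' OR '1'='1'
# which, because AND binds tighter than OR, is true for every row.
PAYLOAD = "' OR '1'='1"


def demo():
    conn = make_db()
    unsafe = login_unsafe(conn, "alice", PAYLOAD)  # every user comes back
    safe = login_safe(conn, "alice", PAYLOAD)      # payload is just a wrong password
    return unsafe, safe


if __name__ == "__main__":
    unsafe, safe = demo()
    print("string-built query with payload:", unsafe)  # ['alice', 'bob']
    print("parameterized query with payload:", safe)   # []
```

Two things worth keeping in mind when porting this to mysqli: bound parameters only cover values, so table and column names or an `ORDER BY` direction taken from user input still need an allow-list, and the prepared statement must actually use placeholders; building the query string with the user input and then calling prepare on it gains nothing.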