List:General Discussion« Previous MessageNext Message »
From:Johan De Meersman Date:May 14 2012 2:50pm
Subject:Re: MySQL Community Server 5.1.63 has been released
View as plain text  
----- Original Message -----
> From: "Govinda" <govinda.webdnatalk@stripped>
> 
> 1.) Is anyone *who knows what he is doing* still using
> mysql_real_escape_string()?  Ever?

I seem to vaguely remember someone showing me some code that would bypass escaping; but I
didn't really pay a lot of attention, to be honest :-)

Personally I haven't used escapes in ages, for the simple reason that prepared statements
are just that much more convenient - and even if MySQL doesn't do a lot with it for the
time being, they also allow for some very nifty in-server optimizations using cached
query plans and similar nifties. Using them is a good habit for three reasons:
 1) it makes you immune to SQL injections, at least as effectively as escaping;
 2) if MySQL finally gets around to implementing an execution plan cache, you'll start
benefiting without having to lift a finger
 3) you won't need to learn new ways of working if you need to code on different databases
:-)


-- 
Bier met grenadyn
Is als mosterd by den wyn
Sy die't drinkt, is eene kwezel
Hy die't drinkt, is ras een ezel
Thread
MySQL Community Server 5.1.63 has been releasedSunanda Menon7 May
  • Re: MySQL Community Server 5.1.63 has been releasedBaron Schwartz7 May
    • Re: MySQL Community Server 5.1.63 has been releasedJohan De Meersman8 May
      • Re: MySQL Community Server 5.1.63 has been releasedJohan De Meersman14 May
        • Re: MySQL Community Server 5.1.63 has been releasedGovinda14 May
          • Re: MySQL Community Server 5.1.63 has been releasedJohan De Meersman14 May
            • Re: MySQL Community Server 5.1.63 has been releasedReindl Harald14 May
              • Re: MySQL Community Server 5.1.63 has been releasedJohan De Meersman14 May
                • RE: MySQL Community Server 5.1.63 has been releasedRick James14 May
          • RE: MySQL Community Server 5.1.63 has been releasedRick James14 May