[PHP]Seals System
#5

Still, I would prefer PDO over having to sanitize everything.

Why PDO is so good is because it sends the part in $db->prepare() to the database first.

Then after the MySQL command is sent, it will send the parameters. These parameters can't be queries themselves, and also won't be executed by the server under any circumstance.

Making it 100% safe against SQL injections without having to sanitize yourself.

But it's of course a personal preference.

I learned that when it's about the game database or website, you can never be too cautious about security.

Sadly I had to learn it the hard way :P
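
The difference the post describes, as an added example that is not part of the original post or the Seals System code: the same lookup done with string concatenation and with `$db->prepare()`. It assumes an in-memory SQLite database so it runs offline; the `seals` table, its rows and the function names are constructed for illustration.

```php
<?php
// Added example. Table, rows and function names are constructed for illustration.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// On MySQL, PDO emulates prepares in the client unless told otherwise. To get the
// two-step exchange the post describes, a MySQL connection would also set:
//   $db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);

$db->exec('CREATE TABLE seals (id INTEGER PRIMARY KEY, owner TEXT, name TEXT)');
$db->exec("INSERT INTO seals (owner, name) VALUES
           ('alice', 'Seal of Fire'), ('bob', 'Seal of Ice')");

// Before: user input is concatenated into the SQL text, so it is parsed as SQL.
function sealsByOwnerConcat(PDO $db, string $owner): array
{
    $sql = "SELECT name FROM seals WHERE owner = '" . $owner . "'";
    return $db->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// After: the statement is prepared with a placeholder and the value is bound as data.
function sealsByOwnerPrepared(PDO $db, string $owner): array
{
    $stmt = $db->prepare('SELECT name FROM seals WHERE owner = :owner');
    $stmt->execute([':owner' => $owner]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Placeholders only stand for values. Identifiers such as a sort column cannot be
// bound, so they are picked from a fixed allow-list instead.
function sealsSorted(PDO $db, string $owner, string $sortBy): array
{
    $allowed = ['id', 'name'];
    $column = in_array($sortBy, $allowed, true) ? $sortBy : 'id';
    $stmt = $db->prepare("SELECT name FROM seals WHERE owner = :owner ORDER BY $column");
    $stmt->execute([':owner' => $owner]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

$input = "alice' OR '1'='1";   // constructed input containing SQL syntax

var_dump(sealsByOwnerConcat($db, $input));    // input becomes part of the WHERE clause
var_dump(sealsByOwnerPrepared($db, $input));  // input is compared as one string value
var_dump(sealsByOwnerPrepared($db, 'alice')); // ordinary lookup
var_dump(sealsSorted($db, 'alice', 'name; DROP TABLE seals')); // not in allow-list, sorts by id
```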



Messages In This Thread
[No subject] - by Infinity - 04-22-2012, 05:06 PM
[No subject] - by Reza - 04-23-2012, 01:28 AM
[No subject] - by Wizatek - 04-23-2012, 04:56 AM
[No subject] - by Reza - 04-23-2012, 06:28 PM
[No subject] - by Wizatek - 04-24-2012, 04:58 PM
