Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- prepared statements in mysqli?
April 20, 2005, 6:00 pm
rate this thread
mysqli in PHP5 comes with prepared statements functionality. However,
without persistent connections or connection pooling in this code
library, one has to ask: why bother?
are prepared statements 'remembered' by the server for a while between
connections, so that new connections can take advantage of them, or are
they really only useful for those pages/requests that are executing a
huge amount of DML in a single shot.
Re: prepared statements in mysqli?
I believe that prepared statements come with implicit quoting for
substituted values, so you don't have to fill your code with calls
to addslashes(), or risk SQL errors (and maybe your site getting
hacked) when someone decides to put single quotes or other nasty
characters into a web form. This may prove to be useful even if
no prepared statement is ever used more than once.
Gordon L. Burditt