/    Sign up×
Community /Pin to ProfileBookmark

Why you should use PDO prepared statements

Because things have been too quiet today….



to post a comment

3 Comments(s)

Copy linkTweet thisAlerts:
@calevansSep 14.2016 — Two reasons.

1: Prepared statements filter the variables. This helps reduce the SQL Injection attack surface.

2: If you are in a loop, creating the prepared statement outside of the loop and then just changing the variable is faster. Now, this brings up the question, why are yo doing SQL in a loop. But that is a different problem to solve. ?

So to recap, security and performance.


Copy linkTweet thisAlerts:
@NogDogauthorSep 14.2016 — Just wanted to point out that I wasn't asking a question, just making an excuse to post a link to a possibly humorous, related image. ?
Copy linkTweet thisAlerts:
@calevansSep 14.2016 — ? Apologies. I'm new here.




Help @NogDog spread the word by sharing this article on Twitter...

Tweet This
Sign in
Forgot password?
Sign in with TwitchSign in with GithubCreate Account
about: ({
version: 0.1.9 BETA 11.28,
whats_new: community page,
up_next: more Davinci•003 tasks,
coming_soon: events calendar,
social: @webDeveloperHQ

legal: ({
terms: of use,
privacy: policy
changelog: (
version: 0.1.9,
notes: added community page

version: 0.1.8,
notes: added Davinci•003

version: 0.1.7,
notes: upvote answers to bounties

version: 0.1.6,
notes: article editor refresh
recent_tips: (
tipper: @bahaedd,
tipped: article
amount: 1000 SATS,

tipper: @Balmasexy,
tipped: article
amount: 1000 SATS,

tipper: @mbsaad,
tipped: article
amount: 1000 SATS,