Re: PHP sucks!! - was: persistent db connections in PHP
От | PFC |
---|---|
Тема | Re: PHP sucks!! - was: persistent db connections in PHP |
Дата | |
Msg-id | op.tt07o7vbcigqcu@apollo13 обсуждение исходный текст |
Ответ на | Re: PHP sucks!! - was: persistent db connections in PHP (Ron Johnson <ron.l.johnson@cox.net>) |
Ответы |
Re: PHP sucks!! - was: persistent db connections in PHP
|
Список | pgsql-general |
> I wouldn't call Python *strongly* typed, but I do know what you mean. I > think. It is strongly typed (string + int = error), just not statically typed (but you saw what I mean ;) > "PHP: very loosely typed, does whatever it wants" > yeah php got a life of its own! sure be a lazy programmer and blame > sql injection etc crap on php or try http://www.xdebug.org/ and > others. No need. I either use pg_query_params() which automagically handles all quoting, or an ORM which does the same. There is no reason to include strings in SQL statements except laziness. MySQL does not have a mysql_query_params() for PHP, so you have to write one, it's pretty simple. Python's (and perl) strength in this respect is that they make it easier to use the safe solution, ie : query( "sql with ? or $1 or %s", arg, arg, arg ) PEAR::DB is horrendous.
В списке pgsql-general по дате отправления: