473,224 Members | 1,503 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,224 software developers and data experts.

prepared statements in mysqli?



hello!

mysqli in PHP5 comes with prepared statements functionality. However,
without persistent connections or connection pooling in this code
library, one has to ask: why bother?

are prepared statements 'remembered' by the server for a while between
connections, so that new connections can take advantage of them, or are
they really only useful for those pages/requests that are executing a
huge amount of DML in a single shot.
thanks!
mark.
Jul 17 '05 #1
1 2243
> mysqli in PHP5 comes with prepared statements functionality. However,
without persistent connections or connection pooling in this code
library, one has to ask: why bother?

are prepared statements 'remembered' by the server for a while between
connections, so that new connections can take advantage of them, or are
they really only useful for those pages/requests that are executing a
huge amount of DML in a single shot.


I believe that prepared statements come with implicit quoting for
substituted values, so you don't have to fill your code with calls
to addslashes(), or risk SQL errors (and maybe your site getting
hacked) when someone decides to put single quotes or other nasty
characters into a web form. This may prove to be useful even if
no prepared statement is ever used more than once.

Gordon L. Burditt
Jul 17 '05 #2

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

1
by: Tom D | last post by:
I'm rewriting a database interface that our company currently has. Currently it's using the Pear::DB interface, but we found that that was introducing a bit too much overhead. I'm rewriting the...
2
by: Cyril VELTER | last post by:
I'm converting an application to use the V3 protocol features in the 7.4 libpq. As I need to make a design choice regarding the use of prepared statements, I'm wondering what ressources does a...
2
by: ojorus | last post by:
Hi! Some questions regarding the mysqli-extension (php5) 1) Prepared statements: If I understand things right, prepared statements will give better performance if you make several similar...
13
by: Schmidty | last post by:
If you do a page reload with $_SERVER will your program lose a mysqli connection upon the reload of the page? Would this code work? I need to know how to carry over a connection between methods as...
3
by: Ciaran Byrne | last post by:
I'm trying to move data from one or more tables to identical table(s) in a different database, likely on a different server. This prevents me from using INSERT..SELECT, so up until now I've done a...
2
by: Pugi! | last post by:
It is by accident that I noticed that I forgot to use mysql_real_escape_string in part of my webapp. I tested input with following text : Hélène 51°56'12'' http://www.mysite.org/folder 3 functions...
4
by: TechieGrl | last post by:
Prepared statements are new to me and having to do this with a multi- dimensional array is beyond me. Here is the prepared statement block: // Prepare to insert a record into table1...
1
by: lazukars | last post by:
I have done a good amount of research on prepared statements in php. The problem is that I have found various examples on how to select and insert information into a Mysql database. I want to make...
0
by: lazukars | last post by:
I am building some code with msqli prepared statements via. The code will be used for a form that will send data to a MySql database. What I would like to know is how secure are prepared...
1
isladogs
by: isladogs | last post by:
The next online meeting of the Access Europe User Group will be on Wednesday 6 Dec 2023 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, Mike...
0
by: veera ravala | last post by:
ServiceNow is a powerful cloud-based platform that offers a wide range of services to help organizations manage their workflows, operations, and IT services more efficiently. At its core, ServiceNow...
0
by: mar23 | last post by:
Here's the situation. I have a form called frmDiceInventory with subform called subfrmDice. The subform's control source is linked to a query called qryDiceInventory. I've been trying to pick up the...
0
by: abbasky | last post by:
### Vandf component communication method one: data sharing ​ Vandf components can achieve data exchange through data sharing, state sharing, events, and other methods. Vandf's data exchange method...
2
by: jimatqsi | last post by:
The boss wants the word "CONFIDENTIAL" overlaying certain reports. He wants it large, slanted across the page, on every page, very light gray, outlined letters, not block letters. I thought Word Art...
0
by: stefan129 | last post by:
Hey forum members, I'm exploring options for SSL certificates for multiple domains. Has anyone had experience with multi-domain SSL certificates? Any recommendations on reliable providers or specific...
0
Git
by: egorbl4 | last post by:
Скачал я git, хотел начать настройку, а там вылезло вот это Что это? Что мне с этим делать? ...
1
by: davi5007 | last post by:
Hi, Basically, I am trying to automate a field named TraceabilityNo into a web page from an access form. I've got the serial held in the variable strSearchString. How can I get this into the...
0
by: MeoLessi9 | last post by:
I have VirtualBox installed on Windows 11 and now I would like to install Kali on a virtual machine. However, on the official website, I see two options: "Installer images" and "Virtual machines"....

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.