Edit report at https://bugs.php.net/bug.php?id=61004&edit=1

 ID:                 61004
 Comment by:         phpmpan at mpan dot pl
 Reported by:        pazzo at bahnhof dot se
 Summary:            Add mysql_safe_query
 Status:             Open
 Type:               Feature/Change Request
 Package:            MySQL related
 Operating System:   Any
 PHP Version:        Irrelevant
 Block user comment: N
 Private report:     N

 New Comment:

Since people rarely refresh their knowledge, even when they know it's old, 
these links may help them realize that for at least a few years there have been 
newer and more secure solutions than the old mysql extension:
- http://www.php.net/manual/en/book.pdo.php
- http://www.php.net/manual/en/book.mysqli.php


Previous Comments:
------------------------------------------------------------------------
[2012-02-07 15:03:13] pazzo at bahnhof dot se

Description:
------------
Since people are bad at securing their code, even when they know how, this 
function may give securer and more readable code:

mysql_safe_query('UPDATE people SET (name, number) VALUES ? WHERE name = ? or ?` = ?',
     array('new name', 5553475), 'old name', 'custom field', 5);


I've provided an example of how to solve this using php code.

Test script:
---------------
http://pastebin.com/8EcS9y1B



------------------------------------------------------------------------
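
Added example (not part of the bug report or the reporter's pastebin script): the update from the request written against PDO, one of the two extensions linked in the new comment. Placeholders bind values only, so the run-time column name is checked against an allowlist. The helper name updatePerson, the table layout, the custom_field column and the in-memory SQLite DSN are assumptions made so the script runs offline.

```php
<?php
// Added example, not the reporter's pastebin script. Uses PDO with an
// in-memory SQLite database so it runs offline; with MySQL only the DSN changes.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE people (name TEXT, number INTEGER, custom_field INTEGER)');
// Constructed sample rows.
$pdo->exec("INSERT INTO people VALUES ('old name', 1, 0), ('other', 2, 5), ('keep', 3, 9)");

// Hypothetical helper: placeholders bind values only, so a column name chosen
// at run time must come from a fixed allowlist, never from quoting user input.
function updatePerson(PDO $pdo, string $newName, int $newNumber,
                      string $oldName, string $column, int $columnValue): int
{
    $allowed = ['number', 'custom_field'];           // constructed allowlist
    if (!in_array($column, $allowed, true)) {
        throw new InvalidArgumentException("Column not allowed: $column");
    }
    $sql = "UPDATE people SET name = :new_name, number = :new_number
            WHERE name = :old_name OR $column = :column_value";
    $stmt = $pdo->prepare($sql);
    $stmt->execute([
        ':new_name'     => $newName,
        ':new_number'   => $newNumber,
        ':old_name'     => $oldName,
        ':column_value' => $columnValue,
    ]);
    return $stmt->rowCount();                        // rows changed by the UPDATE
}

// Values taken from the request's example call.
echo updatePerson($pdo, 'new name', 5553475, 'old name', 'custom_field', 5), " rows updated\n";

// A quote-bearing value is stored as data and does not alter the statement.
echo updatePerson($pdo, "x' OR '1'='1", 1, 'keep', 'number', -1), " rows updated\n";

// An identifier outside the allowlist is rejected before any SQL is built.
try {
    updatePerson($pdo, 'a', 1, 'b', 'name = name OR number', 0);
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}
```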


