Re: secure login system — PHP Programming Language

You are here: Re: secure login system « PHP Programming Language « IT news, forums, messages

Posted by Jerry Stuckle on 05/07/06 23:44

frizzle wrote:
> Jerry Stuckle wrote:
>
>>R. Rajesh Jeba Anbiah wrote:
>>
>>>frizzle wrote:
>>>
>>>
>>>>Rafe Culpin wrote:
>>>>
>>>>
>>>>>In article <1146739267.490563.178550@y43g2000cwc.googlegroups.com>,
>>>>>phpfrizzle@gmail.com (frizzle) wrote:
>>>
>>> <snip>
>>>
>>>>AFAIK using mysql_real_escape_string deals with that in all cases
>>>>if i parse any input through that... Thanks for reminding though how
>>>>important that is!
>>>
>>> <snip>
>>>
>>> PHP saints are moving away from mysql_real_escape_string() to
>>>prepared statements
>>><http://ilia.ws/archives/103-mysql_real_escape_string-versus-Prepared-Statements.html>
>>>
>>> FWIW, For login system
>>><news:1110991855.257652.244240@z14g2000cwz.googlegroups.com> (
>>>http://groups.google.com/group/comp.lang.php/msg/310fad0eef59415a? )
>>>
>>>--
>>> <?php echo 'Just another PHP saint'; ?>
>>>Email: rrjanbiah-at-Y!com Blog: http://rajeshanbiah.blogspot.com/
>>>
>>
>>Some are, some aren't. Just another way of doing things.
>>
>>--
>>==================
>>Remove the "x" from my email address
>>Jerry Stuckle
>>JDS Computer Training Corp.
>>jstucklex@attglobal.net
>>==================
>
>
> Wow, made my temperature rise there, but as i understand from the
> comments, (in my case) mysql_real_escape_string is safe. Pfew.
> AFAIK it wasn't some way of handling things as Jerry implies ...
>
> I will look at your links later R. Rajesh Jeba Anbiah, thanks in
> advance!
>
> Frizzle.
>

Frizzle,

I didn't mean to make your temperature rise. My comment was strictly related to
Rajesh's comment that "PHP Saints" are moving towards prepared statements.

He indicates that all so-called "PHP Saints" think prepared statements are the
way to go. My only response is that the most experienced PHP people think
prepared statements are ONE way to go. Not necessarily the ONLY way.

Just like almost everything else, there are advantages and disadvantages to
using them.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================

Navigation:

Next in forum: Adding a custom object to an array
Prev in forum: Re: error_log is not working, script crashes without warning
Thread view: Re: secure login system

[Reply to this message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация