Posted by Dodger on 07/05/06 10:59

Sandman wrote:
> In article <1152094733.815375.105700@a14g2000cwb.googlegroups.com>,
> "Dodger" <el.dodgero@gmail.com> wrote:

> I've not used "mysqli", but doing the above in mysql:
>
> <?
> $db = mysql_connect("host", "user", "password");
>
> $q = mysql_query("select * from cities where country = 'USA'");
> while ($r = mysql_fetch_assoc()){
> $cities[] = $r["city"];
> }
>
> foreach ($cities as $city){
> # Do stuff
> }
> ?>

Well, I do need bind variables. In the non-mysqli example up there, the
country is hardcoded into the statement. Even if I filled that in with
a variable, what if it was a variable that was passed in by a user? It
would be too easy to hack and would end up either potentially crippling
things or with an arms race between me and some l33+ haxcsore wanker
whi thinks he's clever.

> Why the extra foreach? Just "do stuff" in the mysql while loop.

Could be plenty of reasons. In the example up top, I am populating the
environment (%ENV in Perl, $_ENV in PHP) with my special session
variables (and yes, I know PHP has session handling systems, but I'm
not gonna use them because I want stuff to work in *both* Perl and PHP
CGIs* -- I might be populating some other SESSION_* environment
variables elsewhere, for instance.

But it was an illustration of having a populated data structure,
mostly.


--
Dodger


*Yes, both are CGIs. Both use Common Gateway Interface. <-- Pet Peeve
when people think CGI is, like, a language or something. It's just a
protocol for handing off variables, and *all* web stuff uses it by
default (yeah some weird stuff takes it by rewriting other things,
but...)

[Back to original message]