Posted by amygdala on 08/19/06 12:09
"Richard Levasseur" <richardlev@gmail.com> wrote in message
news:1155919071.607652.22610@i3g2000cwc.googlegroups.com...
>
> amygdala wrote:
>> Hi,
>>
>> Can anyone recommend some extensive PDO documentation? Especially
>> documentation that describes PDO's security capabilities. For instance
>> what measurements does the PDO::prepare take to prevent SQL injection,
>> etc.? And what extra measurements would be appropriate.
>>
>> PHP's PDO manual isn't very elaborate IMO.
>
> Yeah, the PDO documentation is rather sparse. AFAIK, it will use the
> underlying database driver's implementation for escaping strings to
> make them safe for queries, and it can't get much better than that,
> since those take into account the character specifics of that database.
Hmm, maybe indeed that's all there is to know. I'm just pretty new to PHP and
databases, so I wanna get a clear understanding of what's going on in the
background of things, to build up confidence that I'm taking the appropriate
measures, etc. etc.
> For databases that don't have prepared statements (i.e. mysql < 4.0,
> iirc), I believe it emulates them. Not sure what it does exactly, most
> likely escapes common characters like ' and "
>
> PDO is very lightweight for a database layer. While it is very fast,
> it doesn't have as many features as PEAR::DB or equiv. If you need
> more capabilities or options, I suggest another abstraction layer, like
> MDB2, adoDB, or any of the other ones.
Well, so far PDO met my needs just fine. I'm not doing anything fancy.
>>
>> I was also wondering whether it is safe to assume that a fair amount of
>> (shared) hosting providers will have PDO (and thus PHP5?) installed. Any
>> experiences?
>>
>> Thanks!
>>
>> A.
>
> I'm not sure on how widespread PHP5 is. A few hosters I know of have
> it, many don't. The same goes for PDO, since it must be manually
> specified in configure and added to the ini file.
I understand. While we're on the subject: can you, or anyone else, recommend
a / some good PHP5 hosting provider(s) offering all around reasonable
prices, good service and undisputed (!! (-; ) knowledge?
Thanks in advance!
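
The question above about what PDO::prepare does against SQL injection, and which extra measures are still needed, as an added example that is not part of the original thread. It assumes the pdo_sqlite extension and an in-memory database; the table, rows, input string and function names are constructed for illustration.

```php
<?php
// Added example, not code from the thread. All data below is constructed.

function makeDb(): PDO {
    $pdo = new PDO('sqlite::memory:');
    // Raise exceptions instead of failing silently on SQL errors.
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, email TEXT)');
    $pdo->exec("INSERT INTO users (name, email) VALUES ('alice', 'alice@example.test')");
    $pdo->exec("INSERT INTO users (name, email) VALUES ('bob', 'bob@example.test')");
    return $pdo;
}

// Unsafe: the input becomes part of the SQL text, so a quote character in
// $name ends the string literal and the remainder is parsed as SQL.
function findConcatenated(PDO $pdo, string $name): array {
    return $pdo->query("SELECT name FROM users WHERE name = '$name'")
               ->fetchAll(PDO::FETCH_COLUMN);
}

// Safe: the SQL text is fixed at prepare() time and the input is bound as a
// value, so it is only ever compared against the name column.
function findPrepared(PDO $pdo, string $name): array {
    $stmt = $pdo->prepare('SELECT name FROM users WHERE name = :name');
    $stmt->execute([':name' => $name]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Extra measure: placeholders stand for values only. Identifiers such as a
// sort column cannot be bound, so they are checked against an allow-list.
function listSorted(PDO $pdo, string $column): array {
    $allowed = ['name', 'email'];
    if (!in_array($column, $allowed, true)) {
        throw new InvalidArgumentException('unsupported sort column');
    }
    return $pdo->query("SELECT name FROM users ORDER BY $column")
               ->fetchAll(PDO::FETCH_COLUMN);
}

$pdo   = makeDb();
$input = "nobody' OR '1'='1";   // constructed hostile input

var_dump(findConcatenated($pdo, $input)); // condition rewritten by the input
var_dump(findPrepared($pdo, $input));     // input treated as one literal name
var_dump(listSorted($pdo, 'email'));      // identifier taken from the allow-list
```

Whether a driver prepares natively or PDO emulates it is controlled by PDO::ATTR_EMULATE_PREPARES on drivers that support that attribute, such as MySQL.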