TIP: Click on subject to list as thread! ANSI
echo: rberrypi
to: ALL
from: DENNIS LEE BIEBER
date: 2020-09-12 09:56:00
subject: Re: Pi Hardware

On Sat, 12 Sep 2020 08:04:27 +0100, Ahem A Rivet's Shot 
declaimed the following:


> Doesn't mysql provide prepared statements with placeholders like
>sqlite does ? Those are the safest and easiest way to put user date into
>SQL.

 It does since sometime in v4, but the API is a terror. One has to
populate a structure defining what the fields are (including datatypes,
buffer addresses, lengths for strings), invoke separate prepare and execute
calls.

 The older API, and many of the adapters for scripting languages, relied
upon the client end quoting/escaping parameters and sending the command
entire.


--
 Wulfraed                 Dennis Lee Bieber         AF6VN
 wlfraed@ix.netcom.com    http://wlfraed.microdiversity.freeddns.org/

--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | FidoUsenet Gateway (3:770/3)

SOURCE: echomail via QWK@docsplace.org

Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.