Prepared statements?

☆ A M B ☆
24,524 Posts

sottwell Reply #1, 18 years, 1 month ago

Does xPDO support prepared statements with php < 5?

Studying MODX in the desert - http://sottwell.com
Tips and Tricks from the MODX Forums and Slack Channels - http://modxcookbook.com
Join the Slack Community - http://modx.org

MODX Staff
10,725 Posts

opengeek Reply #2, 18 years, 1 month ago

Quote from: sottwell at Mar 03, 2007, 09:53 AM

Does xPDO support prepared statements with php < 5?

Yes, it emulates most of the features of PDO for PHP 4 and 5.0.x without PDO extensions (transaction support is not currently implemented, though it could be).

Jason Coward
Chief Architect @ MODX
http://www.jasoncoward.com | http://twitter.com/drumshaman | https://github.com/opengeek

☆ A M B ☆
24,524 Posts

sottwell Reply #3, 18 years, 1 month ago

Ok. Now I need to really spend more time learning how to use xPDO. I’ve been studying MySQL with a view towards increasing security, and was rather surprised to learn that mysql_real_escape_string() isn’t all that great. Looks like prepared statements with carefully validated user input is closer to the answer. But it takes mysqli, which most shared hosts don’t seem to have, or PDO which of course is only good for php 5. Or xPDO!

Studying MODX in the desert - http://sottwell.com
Tips and Tricks from the MODX Forums and Slack Channels - http://modxcookbook.com
Join the Slack Community - http://modx.org