Cody Fendant has asked for the wisdom of the Perl Monks concerning the following question:
This is probably pretty primitive for Perl programming, but I code my SQL like this:
$sth = $db_handle->prepare("select foo from bar where id = ?") or die( $db_handle->errstr ); $id = 17; ## or whatever $sth->execute( $id ) or die ( $sth->errstr() ); $baz = $sth->fetchrow_hashref();
I'm working more and more in PHP in a current job and I see nothing like that in the code I'm working with, no binding, just raw SQL commands constructed by variable/string concatenation and fed direct to mysql_query().
What's the professional way to do this in PHP?
|
---|
Replies are listed 'Best First'. | |
---|---|
Re: Monks who also work in PHP, help me upgrade my SQL code?
by Gangabass (Vicar) on Feb 28, 2013 at 04:18 UTC | |
Re: Monks who also work in PHP, help me upgrade my SQL code?
by tobyink (Canon) on Feb 28, 2013 at 07:56 UTC | |
Re: Monks who also work in PHP, help me upgrade my SQL code? (bobby-tables)
by Anonymous Monk on Feb 28, 2013 at 05:11 UTC |
Back to
Seekers of Perl Wisdom