Re: PHP sucks!! - was: persistent db connections in PHP - Mailing list pgsql-general

From PFC
Subject Re: PHP sucks!! - was: persistent db connections in PHP
Date
Msg-id op.tt07o7vbcigqcu@apollo13
Whole thread Raw
In response to Re: PHP sucks!! - was: persistent db connections in PHP  (Ron Johnson <ron.l.johnson@cox.net>)
Responses Re: PHP sucks!! - was: persistent db connections in PHP
List pgsql-general
> I wouldn't call Python *strongly* typed, but I do know what you mean.  I
> think.

    It is strongly typed (string + int = error), just not statically typed
(but you saw what I mean ;)

> "PHP: very loosely typed, does whatever it wants"
> yeah php got a life of its own! sure be a lazy programmer and blame
> sql injection etc crap on php or try http://www.xdebug.org/ and
> others.

    No need.
    I either use pg_query_params() which automagically handles all quoting,
or an ORM which does the same.
    There is no reason to include strings in SQL statements except laziness.
    MySQL does not have a mysql_query_params() for PHP, so you have to write
one, it's pretty simple.

    Python's (and perl) strength in this respect is that they make it easier
to use the safe solution, ie :
    query( "sql with ? or $1 or %s", arg, arg, arg )

    PEAR::DB is horrendous.













pgsql-general by date:

Previous
From: "John Smith"
Date:
Subject: Re: PHP sucks!! - was: persistent db connections in PHP
Next
From: Ron Johnson
Date:
Subject: Re: PHP sucks!! - was: persistent db connections in PHP