Does it matter how to code query?
03-22-2008, 07:07 PM
Join Date: Nov 2007
I agree with
; I prefer style #1, which keeps the SQL statement separate from the actual query call. If you need to look at the query or data embedded in it, it's simple to display the SQL statement by itself. If it's trapped within a function call (or worse, a couple of function calls), troubleshooting why the data isn't coming out the other end becomes exponentially more difficult. You wind up having to dissect it into several pieces anyway.
is also a good way to go, but don't rely on it alone to protect your database from SQL injection. Parameterized queries are also useful, if your database interface extension provides them.
I reject your reality, and substitute my own.
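As an added example (not part of the original post), this shows style #1 combined with a parameterized query, next to a string-built query for comparison. It assumes Python's `sqlite3` module and a constructed `users` table; all function names are hypothetical.

```python
import sqlite3

def make_db():
    """In-memory database with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, email TEXT)")
    conn.executemany(
        "INSERT INTO users (name, email) VALUES (?, ?)",
        [("alice", "alice@example.test"), ("o'brien", "ob@example.test")],
    )
    return conn

def find_user_concat(conn, name, log):
    # Data is spliced into the SQL text, so a quote in the value changes the statement.
    sql = "SELECT name, email FROM users WHERE name = '" + name + "'"
    log.append(sql)
    try:
        return conn.execute(sql).fetchall()
    except sqlite3.OperationalError as exc:
        return "error: " + str(exc)

def find_user_param(conn, name, log):
    # Style #1: the statement lives in its own variable, separate from the call,
    # so it can be displayed or logged on its own when troubleshooting.
    sql = "SELECT name, email FROM users WHERE name = ?"
    params = (name,)
    log.append((sql, params))
    # The driver binds the value; it is never parsed as SQL.
    return conn.execute(sql, params).fetchall()

def compare(name):
    """Run both styles on one input and return (concat_result, param_result, log)."""
    conn, log = make_db(), []
    return find_user_concat(conn, name, log), find_user_param(conn, name, log), log

if __name__ == "__main__":
    # Constructed inputs: an ordinary name, a name with a quote, a hostile string.
    for value in ("alice", "o'brien", "x' OR '1'='1"):
        concat_result, param_result, log = compare(value)
        print("input      :", value)
        print("built SQL  :", log[0])
        print("concat rows:", concat_result)
        print("bound SQL  :", log[1])
        print("param rows :", param_result)
        print()
```

Because the statement and its parameters are held in separate variables, the log shows exactly what was sent to the database in both cases.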