11-26-2007, 08:51 PM
|
#12 (permalink)
|
|
The Gregarious
Join Date: Oct 2007
Location: Manchester, UK
Posts: 718
Thanks: 29
|
Quote:
|
1. You don't need to use sprintf to secure your queries. Just make sure all user submitted data is the correct data type and strings are escaped (mysqli_real_escape_string()). IMHO using sprintf makes your code harder to read and is more of a pain than typecasting.
|
id have to agree there, but i do like the idea, i like seeing new ideas on solving problems, but sprintf isnt for me either, infact i mostly use prepared statements in mysqli these days.
but what ever lights your candle i suppose :)
__________________
sudo chown -R us ./allyourbase
|
|
|
|