Timeline for answer to Why shouldn't I use mysql_* functions in PHP? by Your Common Sense
Current License: CC BY-SA 3.0
Post Revisions
21 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| S Dec 25, 2017 at 17:32 | history | suggested | Community Bot | CC BY-SA 3.0 |
grammar and spelling improvement(s)
|
| Dec 25, 2017 at 16:10 | review | Suggested edits | |||
| S Dec 25, 2017 at 17:32 | |||||
| Dec 25, 2017 at 15:14 | review | Suggested edits | |||
| Dec 25, 2017 at 15:16 | |||||
| May 23, 2017 at 10:31 | history | edited | URL Rewriter Bot |
replaced http://stackoverflow.com/ with https://stackoverflow.com/
|
|
| Sep 17, 2013 at 9:03 | history | edited | Your Common Sense | CC BY-SA 3.0 |
added 187 characters in body
|
| Jul 24, 2013 at 11:31 | vote | accept | Madara's Ghost | ||
| Jul 24, 2013 at 11:43 | |||||
| Jun 29, 2013 at 5:32 | history | edited | Your Common Sense | CC BY-SA 3.0 |
added 427 characters in body
|
| Jun 29, 2013 at 5:23 | history | edited | Your Common Sense | CC BY-SA 3.0 |
added 427 characters in body
|
| Mar 7, 2013 at 10:37 | history | edited | Your Common Sense | CC BY-SA 3.0 |
added 217 characters in body
|
| Mar 7, 2013 at 10:22 | history | edited | Your Common Sense | CC BY-SA 3.0 |
added 1497 characters in body
|
| Mar 7, 2013 at 10:14 | history | edited | Your Common Sense | CC BY-SA 3.0 |
added 1497 characters in body
|
| Feb 23, 2013 at 20:38 | history | edited | Your Common Sense | CC BY-SA 3.0 |
added 1504 characters in body
|
| Feb 23, 2013 at 20:20 | history | edited | Your Common Sense | CC BY-SA 3.0 |
added 1504 characters in body
|
| Feb 4, 2013 at 13:23 | comment | added | ircmaxell | @MadaraUchiha: the same problem exists in all forms though. You don't think that once ext/mysql goes away that someones going to do the same thing for ext/mysqli or PDO? It's folly to blame ext/mysql for that. And deprecating it will have NO impact on that style code or tutorial... | |
| Feb 4, 2013 at 13:13 | comment | added | Madara's Ghost | @ircmaxell I'm referring more about the educational part. Security is neglected on most tutorials new users view. I don't say these vulnerabilities don't exist in newer extensions, it's just that for some reason, it happens a lot more on the ext/mysql extension. | |
| Feb 4, 2013 at 12:44 | comment | added | ircmaxell | @ShaquinTrifonoff: sure, it doesn't use prepared statements. But neither does PDO, which most people recommend over MySQLi. So I'm not sure that has a significant impact here. The above code (with a little more parsing) is what PDO does when you prepare a statement by default... | |
| Feb 4, 2013 at 12:42 | comment | added | ircmaxell | @MadaraUchiha: Can you explain how vulnerabilities are very easy to come by? Especially in the cases where those same vulnerabilities don't affect PDO or MySQLi... Because I'm not aware of a single one that you speak of. | |
| Feb 1, 2013 at 10:21 | comment | added | Nanne |
How is Not under active development only for that made-up '0.01%'? If you build something with this stand-still function, update your mysql-version in a year and wind up with a non-working system, I'm sure there are an awful lot of people suddenly in that '0.01%'. I'd say that deprecated and not under active development are closely related. You can say that there is "no [worthy] reason" for it, but the fact is that when offered a choice between the options, no active development is almost just as bad as deprecated I'd say?
|
|
| Jan 3, 2013 at 6:07 | comment | added | uınbɐɥs |
everything is parameterized and safe - it may be parameterized, but your function doesn't use real prepared statements.
|
|
| Jan 1, 2013 at 17:48 | comment | added | Madara's Ghost |
mysql_* makes vulnerabilities very easy to come by. Since PHP is used by a whole lot of novice users, mysql_* is actively harmful in practice, even if in theory it can be used without a hitch.
|
|
| Jan 1, 2013 at 17:42 | history | answered | Your Common Sense | CC BY-SA 3.0 |