"Andi, of course you are right, but not every database system enjoyes prepared statements support on PHP :-("
My understanding is that prepared statements are at least emulated in every PDO driver. I asked Wez Furlong whether the emulated prepared statements were "safe" from SQL injection at OSCON 2006, and he said they were. Obviously this is PHP5 only, but... perhaps another good reason to make the jump. 8)
"A shiver passes down your spine as you realize that there must be some pretty bad “bad stuff” out there to warrant this library passing the crazy crap politics that is PEAR."
Shit, you know that, though. This is PHP: the power to heal, the power to kill, in the hands of a dork.
But I stand by my statement that there are some very well-done libraries in PEAR, and for quite a while it was the first and best place to look for solid components to build your web apps on. That situation has changed quite a bit in the past 2-3 years, though, but it's not like PEAR is suddenly a turd floating in the bowl of PHP development.
I enjoyed Theo's talk a lot, but I did think the shot at PEAR was beyond exaggeration for humor's sake and into the realm of unfounded criticism. The PEAR code I've used -- and I don't use a ton, but what I do use I use a *lot* -- seems pretty good to me, and certainly far above the level of stuff at phpclasses.org or the user-contributed notes in the php.net docs.
I'm interested in the unit testing tutorial. I'm convinved to give it a try, but I've had some difficulty finding practical explanations for how you change your typical app dev process to integrate unit testing.
Donkey, it looks like there's an implicit ob_start when you call this function. Also note that this function only modifies URLs that don't contains a protocol://domain, so if you use "full" URLs within your app, this won't work.
funkatron's Profile
Last 10 Comments
1
2
3
4
5
6
7
8