Mysql
Escaping field and table names in PDO statements
PDO is Chuck Norris (or whomever you believe in as the divine force that created earth) gift to PHP developers. It takes the hassle of securing your sql queries against sql injections and other nasty stuff.
But it has one weakness. It has no method of escaping table and field names. So how do we do it? The only solution I see is to quote table names (or field names) with backquote (`) and then disallow backslash, backquote and the nul character:
Mysql: change column order
The order of columns is usually not important, but sometimes it annoys me. So, how to change it?
Search
Archive
- December 2011 (5)
- August 2011 (1)
- July 2011 (2)
- March 2011 (1)
- February 2011 (2)
- January 2011 (1)
- August 2009 (3)
- January 2009 (3)
- December 2008 (3)
- September 2008 (1)
User login
