Optimizing SELECT * FROM with mysql_field_table() — speed impact results

In my previous post, Optimizing SELECT * FROM with mysql_field_table(), I ended with the promise to share some speed impact results with you. I found it hard to come up with a good measure of speed impact. On the one hand, there is the speed degradation as extra overhead is added. On the other hand, speed is improved as you execute fewer database queries.


Preventing SQL Injection with Parametrized Queries

Still using magic quotes, or using addslashes to add slashes to all $_POST and $_GET variables to prevent SQL Injection? Using magic quotes is not considered a good idea, and using addslashes will also certainly drive you insane.


Except where otherwise noted, this work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.