comment on

I disagree.

Bing is mainly useful for it separes the "code" and "data" parts of your query and checks the validity of data.

For instance, if you bind an integer parameter, bind checks that the data really is an integer value; more important, if you bind a string parameter bind escapes the characters that could be interpreted as statement by the DBMS and doing so it prevents the all-present risk of code injection if data comes from user input.

All this, checks and escaping, could be done by the program but always binding your data is a good programming practice for you can always forget a check leaving a security hole, but if you forget a bind your program doesn't work

Rule One: Do not act incautiously when confronting a little bald wrinkly smiling man.

In reply to Re: Is bind useful for one-time queries and commands? by psini
in thread Is bind useful for one-time queries and commands? by talexb

Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!

Titles consisting of a single word are discouraged, and in most cases are disallowed outright.

Read Where should I post X? if you're not absolutely sure you're posting in the right place.

Please read these before you post! —

Posts may use any of the Perl Monks Approved HTML tags:

a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr

You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)

	For:		Use:
	&		`&`
	<		`<`
	>		`>`
	[		`[`
	]		`]`

Link using PerlMonks shortcuts! What shortcuts can I use for linking?

See Writeup Formatting Tips and other pages linked from there for more info.