Webmaster World Forum http://www.webmasterworld.com

Page is a not externally linkable
- Code, Content, and Presentation
-- PHP Server Side Scripting
---- Prepared statements vs. real escape string

Sekka - 3:10 pm on Oct 27, 2008 (gmt 0)

As far as I am aware, the only big difference is that prepared statements force you to be more secure, while manual query building can create exploits, as all it would take is missing 1 escape.

On another note, I believe preparing statements increases speed?

Thread source:: http://www.webmasterworld.com/php/3765046.htm
Brought to you by WebmasterWorld: http://www.webmasterworld.com