On 24/06/2021 11:35, Stephen Reay wrote:
On 24 Jun 2021, at 17:16, Craig Francis <cr...@craigfrancis.co.uk> wrote:
On Thu, 24 Jun 2021 at 10:55, Stephen Reay <php-li...@koalephant.com> wrote:
but still I have to keep asking: Why integers at all?
While I'm not a fan of this approach, there is a lot of existing code and
tutorials that use:
$sql = 'WHERE id IN (' . implode(',', array_map('intval', $ids)) . ')';
$sql = sprintf('SELECT * FROM table WHERE id = %d;', intval($id));
Yeah you’ve said this about a dozen times now. Parameterisation exists. Query
builders that do this already using parameterisation, exist.
I think it's clear that a conversation is going round in circles if you
are complaining both that you haven't had an answer to your question,
and that you've had the same answer too many times.
If you understand the answer but disagree with it, there is nothing more
to be said.
Unless you have a new point to make, I think it's probably best to
"agree to disagree" at this point, particularly as the discussion seems
to be getting heated and personal, which is not fun for anyone.
Regards,
--
Rowan Tommins
[IMSoP]
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: https://www.php.net/unsub.php
