That's rather concerning on both fronts. Drupal doesn't plan on abandoning PDO, I believe. At least I haven't seen that proposed.
Is there anything I could help with fixing pdo_parse_params ? Also what's the problem with mysqli async? With fibers introduced in 8.1 it seems a very good fit , where can I read / help on problems with this pairing? Thanks Karoly Negyesi On Wed, Oct 11, 2023 at 5:47 PM Kamil Tekiela <tekiela...@gmail.com> wrote: > Hi, > > I have to say I am not a fan of this proposal. While definitely a super > nice feature in PDO, it's more of a hack rather than proper feature. > Certain RDBMSs support named parameters in prepared statements, but MySQL > doesn't. Therefore, the solution implemented in PDO is a hack. It's very > flawed and the current implementation has multiple bugs and shortcomings. > One could say that some bugs are security issues. > > For the above reason, I don't think we should support this in mysqli. We > cannot reliably implement such feature. We could make a copy of > pdo_parse_params and fix as many MySQL issues as possible, but we would > never be able to fix it fully due to the nature of MySQL API. > > If someone wants to implement this in userland, then be my guest. As long > as you are aware of the shortcomings and you know how to use it safely then > it's fine. > > Unrelated, but I would not consider the async feature of mysqli useful or > even a good reason to abandon PDO. IMHO the async feature is a failed > experiment with limited applicability. > > Regards, > Kamil Tekiela >
