[PHP-DEV] RE: [EMAIL PROTECTED] Re: [PHP-DEV] Comments on PHP security

2007-01-13 Thread Mathieu CARBONNEAUX
> A quick Google search for 'sql injection prepared statements' found
> those 2 statements (1 is a security article) very quickly.
> ...And frankly, it's not the manual's job to tell you how to
> write secure code. So, this has to be coming from people.
> Yes but a PHP security portal that referen

[PHP-DEV] Re: [EMAIL PROTECTED] Re: [PHP-DEV] Comments on PHP security

2007-01-13 Thread Mathieu CARBONNEAUX
>Limits, table names, and several other query parts are protected by
>MediaWiki's query builder. A complex select query might look like this:
>
>$result = $db->select(
># Tables
>array( 'user', 'revision' ),
># Fields
>array( 'user_name', 'rev_timestamp' ),
># Conditions (WHERE)