0

Can someone recommend some simple and secure PHP/MySQL Database class for the database interaction?

Improve this question
1
  • 10
    What doesn't PDO do that you want the class to do? Commented Mar 4, 2011 at 16:03

4 Answers 4

Reset to default
1

You could also just use the mysqli class :)

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

Here at work we use PDO for that kind of things. Clear enough imho

http://www.php.net/manual/en/intro.pdo.php

Improve this answer

Comments

0

Check out MDB2....

http://pear.php.net/package/MDB2

Improve this answer

Comments

0

All extensions (mysql, mysqli, pdo_mysql) are safe, if you use them correctly!

We use PDO, though, which appears to be the easiest one: http://php.net/manual/en/book.pdo.php Just remember to use prepared statements (which are "100% safe" against SQL Injections, when used correctly). If you can't use them, at least use methods like PDO::quote().

Improve this answer

2 Comments

If used correctly, $res = exec('echo \'select * from ...\'|mysql -u -pblahblah dbname'); would be safe as well. Preferable? heck no...
Prepared statements are not "100% safe" against injections. It's hard to say what "used correctly" means. Basically, you have to be careful no matter what you are doing, prepared statements or no.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.