It's 2019 and PHP is *still* teaching people to concatenate SQL and vaguely-sanitized user input instead of using prepared statements. http://php.net/manual/en/mysqli.examples-basic.php … They got rid of the mysql module... only to teach people to use mysqli the same way. This is why SQLi isn't going away.
-
Except nobody in their right mind takes the examples on the php docs seriously. php.net is to lookup function signatures, nothing else. Everything else is on http://phptherightway.com
How are newbies supposed to know where to look? http://php.net examples are what Google gets you. It's ridiculous that newbies have to learn to ignore the language's own site.
-
-
Yeah I agree it's pretty bad tbh
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Newbies are there to learn. The http://php.net website cannot provide you with everything. Just like they are learning PHP, soon they will learn how to search for the best practices as well. Trial and error.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.