Well the page says "basic examples", and usually the first thing you learn with DB connections with PHP is just to feed queries to it, and then take care of the security. They have examples for prepared statements tho, and they are in the quickstart guide http://php.net/manual/en/mysqli.quickstart.prepared-statements.php …
Replying to @AlexPowerUp
No, no, no, no, no. You **never** teach people the wrong way to begin with. Teaching the insecure way of doing things first is a *terrible* idea. If they just want to demonstrate a simple query first then it should be a constant one with no variable interpolation.
2 replies 2 retweets 15 likes -
Replying to @marcan42
I totally agree, but for someone that has been programming PHP for little time it may feel overwhelming to construct a query instead of operating with the DB the same way they do on console/DB client/whatever they use to send queries.
1 reply 0 retweets 0 likes -
Replying to @AlexPowerUp @marcan42
If you have no prior experience with programming at all, then it's pretty likely that you've never used a command-line client to send an SQL query either; so a "this is the shape of the query, these are the values" model is *more* intuitive than gluing it all together.
2 replies 0 retweets 3 likes -
Unless you are in a job training course and you have many subjects. We started learning C#, HTML, CSS, JavaScript and databases first year, and we were looking into server-side stuff (mainly PHP) second year. So in my case, yeah, we learnt SQL before any kind of server-side tech.
1 reply 0 retweets 1 like -
Replying to @AlexPowerUp @marcan42
Then whoever was teaching the SQL course should have started out by telling you that there are roughly two ways to create a query, for manual vs. automated queries; literal queries vs. parameterized queries.
1 reply 0 retweets 0 likes -
(Also, that is a basically impossible workload to learn right within a year. But that's a different discussion.)
2 replies 0 retweets 0 likes -
Actually, sorry, I am wrong. Here you have the subject list, it's in Spanish but basically: First year: DB, HTML and XML and IDEs. Second year: JavaScript, PHP, Deployment (server config and stuff) and Interface design (UI, UX, mockups and all that stuff) pic.twitter.com/MTeC3Cj6bl
1 reply 0 retweets 0 likes -
Replying to @AlexPowerUp @marcan42
That seems a little less bad, but I'd still argue that it's way too much to compress into that kind of timeframe. Unfortunately pretty representative of computer-related education in general...
1 reply 0 retweets 0 likes -
That's the point I am trying to make. If you first learn SQL stuff and then you apply it to a new programming language such as PHP, it's way more visual feeding raw queries to it, because you already know how to do it, rather than preparing, filtering and stuff.
2 replies 0 retweets 0 likes
Then you feed it *static* queries. I posit there is ~no educational advantage to teaching parameterization via string concatenation vs via prepared statements. Start with static queries and skip all the crappy concatenation stuff.
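
The progression argued for in this thread (static queries first, then "shape of the query, these are the values"), as an added example that is not part of the original thread. It assumes PDO with an in-memory SQLite database instead of mysqli so that it runs without a server; the `users` table, the `findByName` helper and all values are constructed for illustration.

```php
<?php
// Added example, not from the thread. PDO + in-memory SQLite is an assumption
// made so the script runs offline; the prepare/execute model is the same one
// the mysqli quickstart linked above describes.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

// Step 1: static queries only. Constant strings, no variables anywhere.
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, role TEXT)');
$db->exec("INSERT INTO users (name, role) VALUES ('alice', 'admin'), ('bob', 'user')");

foreach ($db->query('SELECT name FROM users ORDER BY id') as $row) {
    echo "static: {$row['name']}\n";
}

// Step 2: the first query that takes a variable is already parameterized.
// The SQL text passed to prepare() is a constant; the value travels separately.
$insert = $db->prepare('INSERT INTO users (name, role) VALUES (?, ?)');
$insert->execute(["O'Brien", 'user']); // constructed value containing a quote

// Hypothetical helper: look a user up by exact name.
function findByName(PDO $db, string $name): array
{
    $stmt = $db->prepare('SELECT id, name, role FROM users WHERE name = ?');
    $stmt->execute([$name]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed inputs: two ordinary names and one value that contains SQL
// syntax. Each is compared as a plain string; none can change the query shape.
$inputs = ['bob', "O'Brien", "bob' OR '1'='1"];
foreach ($inputs as $input) {
    $rows = findByName($db, $input);
    printf("%-16s -> %d row(s)\n", $input, count($rows));
}
```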