www.webdeveloper.com
Results 1 to 3 of 3

Thread: [RESOLVED] PDO Security Question

Hybrid View

  1. #1
    Join Date
    May 2011
    Location
    With Hobbits
    Posts
    125

    resolved [RESOLVED] PDO Security Question

    Howdy

    Basically i have not been able to find anything stating otherwise that

    PHP Code:
    $sth->execute(array($var1$var2)); 
    Executing with the parameters included is equal to

    PHP Code:
    $sth->bindParam(1$var1PDO::PARAM_INT);
    $sth->bindParam(2$var2PDO::PARAM_STR12);
    $sth->execute(); 
    Executing with the parameters defined in bindParam() Security wise.

    Using bindParam seems more secure to me because it defines the data type.. (like PDO::PARAM_INT)

    Can anyone Clarify if either is superior to the other in security, Please and Thanks
    Last edited by Nvenom; 08-03-2012 at 04:42 AM.
    Albert Einstein ~ "Any intelligent fool can make things bigger and more complex... It takes a touch of genius - and a lot of courage to move in the opposite direction."

    Things To help you on this Site

    1. Place all php code in [php] Tags
    2. Place all html code in [html] Tags
    3. Remember to mark all your Threads Resolved using thead tools at the top when your problem is solved

  2. #2
    Join Date
    Aug 2004
    Location
    Ankh-Morpork
    Posts
    19,175
    I don't think it makes a difference security-wise (SQL injection will be prevented in either case), though it may help prevent/detect programming errors.
    "Please give us a simple answer, so that we don't have to think, because if we think, we might find answers that don't fit the way we want the world to be."
    ~ Terry Pratchett in Nation

    eBookworm.us

  3. #3
    Join Date
    May 2011
    Location
    With Hobbits
    Posts
    125
    Okay, Thanks for the reply
    Albert Einstein ~ "Any intelligent fool can make things bigger and more complex... It takes a touch of genius - and a lot of courage to move in the opposite direction."

    Things To help you on this Site

    1. Place all php code in [php] Tags
    2. Place all html code in [html] Tags
    3. Remember to mark all your Threads Resolved using thead tools at the top when your problem is solved

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles