I try to avoid writing the SQL-code for each and every update or insert.

Question

0

Asked: May 27, 20262026-05-27T11:38:11+00:00 2026-05-27T11:38:11+00:00

I try to avoid writing the SQL-code for each and every update or insert.

0

I try to avoid writing the SQL-code for each and every update or insert. Instead a PHP-function takes some parameters (add or change, tablename, fields-list) and builds the SQL from it. This is similar, but not identical, to the preferred method of using parameterized statements (mysqli).

Is my way of creating SQL putting a big smile in the face of hackers?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-27T11:38:11+00:00

Editorial Team

2026-05-27T11:38:11+00:00Added an answer on May 27, 2026 at 11:38 am

Oh yes – see Wikipedia, and the obligatory xkcd reference.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I try to avoid writing the SQL-code for each and every update or insert.

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply