mysql function had nothing to do with security issues, it was the IMPLEMENTATION. I could create those same issues in MYSQLI if I felt like it.
agentbullvi 1 year ago
@agentbullvi
Maybe I misspoke. The point is, using MySQLi with prepared statements is safer than regular MySQL because it prevents SQL injection. Yes, just using MySQLi doesn't necessarily guarantee any sort of security -- you can still write unsafe queries and you still need to know what you are doing.
Ben Falk
falkencreative 1 year ago
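
The distinction drawn in the comment above, as an added example that is not part of the original thread: the same lookup written with MySQLi twice, once by concatenating input into the SQL text and once as a prepared statement. The connection details, the `users` table, the function names and the sample inputs are constructed for illustration.

```php
<?php
// Added example: connection details below are placeholders, not from the thread.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$db = new mysqli('127.0.0.1', 'demo_user', 'demo_pass', 'demo_db');
$db->set_charset('utf8mb4');

// Constructed sample data in a temporary table (dropped when the connection closes).
$db->query('CREATE TEMPORARY TABLE users (id INT PRIMARY KEY, name VARCHAR(64), email VARCHAR(128))');
$db->query("INSERT INTO users VALUES (1, 'alice', 'alice@example.test'), (2, 'bob', 'bob@example.test')");

// Unsafe: MySQLi is used, but the input is concatenated into the SQL text,
// so the server parses it as part of the query.
function find_user_unsafe(mysqli $db, string $name): array
{
    $sql = "SELECT id, name, email FROM users WHERE name = '" . $name . "'";
    return $db->query($sql)->fetch_all(MYSQLI_ASSOC);
}

// Safe: the SQL text is fixed; the input travels separately as a bound parameter
// and is only ever compared as a string value.
function find_user_prepared(mysqli $db, string $name): array
{
    $stmt = $db->prepare('SELECT id, name, email FROM users WHERE name = ?');
    $stmt->bind_param('s', $name);
    $stmt->execute();
    $rows = $stmt->get_result()->fetch_all(MYSQLI_ASSOC); // get_result() needs mysqlnd
    $stmt->close();
    return $rows;
}

// Constructed inputs: a normal name, a name with an apostrophe, and a value
// that changes the WHERE clause when concatenated.
$inputs = ['alice', "O'Brien", "nobody' OR '1'='1"];

foreach ($inputs as $input) {
    try {
        $unsafe = count(find_user_unsafe($db, $input)) . ' row(s)';
    } catch (mysqli_sql_exception $e) {
        $unsafe = 'SQL error'; // the apostrophe broke the query text
    }
    $prepared = count(find_user_prepared($db, $input)) . ' row(s)';
    printf("%-22s unsafe: %-10s prepared: %s\n", $input, $unsafe, $prepared);
}
```

Both functions agree on the ordinary name; they diverge only when the input contains a quote, which is where the concatenated version either fails or matches rows it should not.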