CodeIgniter Forums
Prepared statements - Printable Version


Prepared statements - El Forum - 02-09-2009

[eluser]Unknown[/eluser]
I read a lot of good things about prepared statements in MySQL and I wondered if there was a way of using them in CI.
Is there a way? If I need to, I can install some plugins or something else..
I use PHP5.

Thanks in advance :)


Prepared statements - El Forum - 02-09-2009

[eluser]TheFuzzy0ne[/eluser]
No, CodeIgniter doesn't support prepared SQL statements. Personally, I find active record a breeze, and much less error prone.


Prepared statements - El Forum - 02-09-2009

[eluser]cwt137[/eluser]
Even though CI doesn't support prepared statements, it does support Query Bindings. With prepared statements you have to call some type of prepare() function and then some type of execute() function. With query bindings, you only have to call one function and it basically does the same thing. Because of this, I like query bindings better than prepared statements.

AR is great for a lot of simple queries or if you are going to hand the code to someone who doesn't know SQL well. But there are times when you need to write a real SQL statement and not use AR. When that happens I hope everybody who uses CI uses query bindings because it protects against SQL injections and makes the query easier to read.


Prepared statements - El Forum - 02-09-2009

[eluser]TheFuzzy0ne[/eluser]
I agree. Sorry, I completely overlooked query bindings.

Another thing about AR is that it helps write portable code, as well as keeping MySQL queries looking neat. I have to admit that on almost every project I've worked on, I've needed to use MySQL-specific functionality. For example, in a model I am currently working on, I've needed to use SQL_CALC_FIND_ROWS (to save a second query) and MATCH() AGAINST(), as $this->db->like() just doesn't cut the mustard.

Do you still have an issue, or are you going to go with query bindings?

EDIT: Thought the post above this was from the OP. D'oh!
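
Added example (not part of the original thread): the query bindings cwt137 describes, applied to the kind of MySQL-specific query TheFuzzy0ne mentions (SQL_CALC_FIND_ROWS with MATCH() AGAINST()). It assumes a CodeIgniter 3 application with the database library loaded and the MySQL driver; the `articles` table, its columns, and the model and method names are hypothetical.

```php
<?php
// Added example, not code from the thread. Assumes CodeIgniter 3 (CI_Model)
// with the database library loaded; under CI 1.7 the base class is Model.
// The table `articles` (FULLTEXT index on title, body) is hypothetical.
class Article_model extends CI_Model
{
    // Bindings only cover values. Identifiers such as an ORDER BY column
    // cannot be bound, so they are chosen from a fixed allow-list instead.
    private $sortable = array('id', 'title', 'created_at');

    public function search($terms, $sort = 'id', $page = 1, $per_page = 20)
    {
        // Fall back to a known column if the requested one is not allowed.
        $order_by = in_array($sort, $this->sortable, TRUE) ? $sort : 'id';

        // Cast paging values to int. CI quotes bound strings, and a quoted
        // value such as LIMIT '0', '20' is rejected by MySQL.
        $per_page = max(1, min(100, (int) $per_page));
        $offset   = (max(1, (int) $page) - 1) * $per_page;

        // Hand-written SQL: each user-supplied value is a ? placeholder,
        // never concatenated into the string.
        $sql = "SELECT SQL_CALC_FIND_ROWS id, title
                  FROM articles
                 WHERE MATCH(title, body) AGAINST (?)
                 ORDER BY {$order_by} DESC
                 LIMIT ?, ?";

        // Values are matched to placeholders in order. CI escapes each one
        // and substitutes it into the SQL text before sending the query;
        // the statement is not prepared on the server.
        $binds = array((string) $terms, $offset, $per_page);
        $rows  = $this->db->query($sql, $binds)->result_array();

        // FOUND_ROWS() must run on the same connection, right after the
        // SQL_CALC_FIND_ROWS query, to return the un-LIMITed match count.
        $total = (int) $this->db->query('SELECT FOUND_ROWS() AS total')->row()->total;

        return array('total' => $total, 'rows' => $rows);
    }
}
```

Because the substitution happens in the application, the protection depends on the driver's escaping and the connection character set being configured correctly.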


Prepared statements - El Forum - 02-09-2009

[eluser]Unknown[/eluser]
Thanks for the fast replies :)
I'm using AR already, but it seemed quite unsafe to me. I'll take a look at QB, thanks guys!