Safe-by-design: drizzle_queryf()

Bug #749471 reported by Olaf van der Spek
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Drizzle PHP Extension
New
Undecided
Unassigned

Bug Description

Could you add a function that makes it easier to write queries in a safe way?
Proposed syntax:
drizzle_queryf("select * from %n where uid = %d", 'users', $_GET['uid']);

%s: escape, surround with '
%n: escape, surround with `
%d: either ensure it's an int or just escape and surround

A squeryf() variant that returns the result for composition would be handy too.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.