Prepared statements in RevCMS

SaW

Member
Mar 3, 2018
101
15
New to prepared statements, and I don't know how I would go about implementing it in RevCMS.
Would it be safe to just create a method in class.engine like this to get the connection:
You must be registered for see images attach

To then accessing it through class.users:
You must be registered for see images attach

I'm all in for learning, and asking here as this is one of the things that I need to get my head around.
Thanks.
 

JayC

Always Learning
Aug 8, 2013
5,505
1,401
You can do it this way, or you can make a global variable inside of the same class that references your connection. Either is an acceptable way. The goal behind prepared statements to to prevent any changes to the query - It prevents SQL Injection
 

SaW

Member
Mar 3, 2018
101
15
You can do it this way, or you can make a global variable inside of the same class that references your connection. Either is an acceptable way. The goal behind prepared statements to to prevent any changes to the query - It prevents SQL Injection
By referencing, do you mean starting a new connection?
I get the idea behind prepared statements, which is why I am aiming to use it
 

JayC

Always Learning
Aug 8, 2013
5,505
1,401
By referencing, do you mean starting a new connection?
I get the idea behind prepared statements, which is why I am aiming to use it
You create a global variable that is assigned to the connection inside one of your 'starting' functions, and then just reference that variable when you went to send a query.
 

Users who are viewing this thread

Top