FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » Sanitising input
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: Sanitising input [message #172120 is a reply to message #172119] Mon, 31 January 2011 05:10 Go to previous messageGo to previous message
Jerry Stuckle is currently offline  Jerry Stuckle
Messages: 2598
Registered: September 2010
Karma:
Senior Member
On 1/31/2011 12:01 AM, Ross McKay wrote:
> On Sun, 30 Jan 2011 23:12:09 -0500, Jerry Stuckle wrote:
>
>> Except there is a tremendous amount of overhead in PDO - I've had two
>> sites I have had to rewrite without it to get respectable performance.
>
> When was that, 2006? I understand it was the case once that PDO was much
> slower than using the mysql_* or mysqli_* functions, but I've yet to run
> into a performance problem that wasn't my own stupid fault.
>

About 4 months ago. PDO is still slower. It has to use the same mysql_
functions that PHP uses - it just adds an additional layer before
calling them. I got a significant performance increase simply by
dropping PDO in favor of native calls.

>> And bound parameters are not without their own overhead, either.
>
> But minimal overhead, compared with the actual database statement
> execution.
>

An overly broad statement which is not at all absolutely true. The
overhead of the bound parameters may easily exceed that of an efficient
statement execution. And whether the overhead is minimal or not - it is
still added overhead.

>> Not to say you shouldn't use PDO or bound parameters - they have their
>> uses. But a good programmer understands the different ways of doing
>> things and the advantages and disadvantages of each, instead of just
>> saying "this is the best way for you". It may or may not be the "best
>> way".
>
> First crawl, then walk, then run. I'd rather the OP got to running with
> two intact feet. Then they can determine the best way. ITMT, their
> question has been well answered by several posters now, and they get to
> pick their path.
>

Yes, and I've found in over 20 years of corporate programmer training
that it's best to teach the lower level stuff first, along with the
gotchas and restrictions. That way the programmer better *understands*
the process - and can make more informed decisions.

I've seen people who always try to take the quick and easy way out. It
works for a while - but eventually it comes back to bit them every time.
That's why I was able to make several thousand dollars converting the
site from PDO to native calls - the guy who first wrote it thought PDO
was the slickest thing since snot on a doorknob and couldn't be beat.
Well, he was wrong, and unfortunately it cost the customer.

> Optimise last!

UNDERSTAND FIRST!

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================
[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: Only SPAM!!!
Next Topic: What *tasks* are hard for PHP?
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Wed Nov 27 01:06:24 GMT 2024

Total time taken to generate the page: 0.08992 seconds