What does the RFP Prepare do when we use it?

0

What exactly does it prepare you for?

For example, does it encrypt, or something like that? Because, frankly, I use the method, but I never quite understood its use.

<html>
<head></head>
<body>
    <?php
        $a = new PDO(); //Imaginem que minhas infos estão aqui
        $query = "SELECT * FROM tableusers";
        $a->prepare($query);
        $a->execute();
    ?>
</body>
</html>

In case there, without using the prepare would work in the same way. Or not? Does it perform what "underneath the rags"?

    
asked by anonymous 21.07.2018 / 04:19

1 answer

3

According to the PHP documentation at php.net

  Calling PDO :: prepare () and PDOStatement :: execute () for statements that will be issued multiple times with different parameter values optimizes the performance of your application by allowing the driver to negotiate the client and / or server cache query plan and meta information and helps prevent SQL injection attacks, eliminating the need to manually quote the parameters.

It helps prevent SQL injection by separating the command from the parameters, treating the parameters entered by the user as pure text.

Read more at: link

    
21.07.2018 / 12:10