MantisBT - ATutor
View Issue Details
0005161ATutor- no cat -public2013-01-23 11:202013-12-28 12:49
a52c8a1..5c3eb12 master -> master
0005161: Using mysqli database extension
MySQLi allows to use extra functionality as prepare() which will allow to check the syntax of the sql query before its execution as well as proper variable conversions passed into the query using MySQL engine. This conversion will allow to eliminate the case of SQL injections and custom built data normalizing functions in the project.

Also with the use of prepare it will be possible to create one generic SQL query function to query the database by passing SQL string and an array of variables. This way SQL querying could be normalized to only one function call everywhere in the project instead of using different query styling. Using one function everywhere will also minimize chances of SQL injections.
No tags attached.
Issue History
2013-01-23 11:20anovakNew Issue
2013-02-06 09:04gregNote Added: 0005965
2013-02-06 09:24anovakNote Added: 0005966
2013-02-06 09:32anovakNote Deleted: 0005966
2013-02-06 09:34anovakNote Added: 0005968
2013-03-07 10:30gregRelationship addedrelated to 0003699
2013-12-22 10:51gregRelationship deletedrelated to 0003699
2013-12-22 10:52gregSVN Revision# => a52c8a1..5c3eb12 master -> master
2013-12-22 10:52gregNote Added: 0006573
2013-12-22 10:52gregStatusnew => resolved
2013-12-22 10:52gregFixed in Version => 2.2
2013-12-22 10:52gregResolutionopen => fixed
2013-12-22 10:52gregAssigned To => greg
2013-12-28 12:49gregNote Added: 0006596
2013-12-28 12:49gregStatusresolved => closed

2013-02-06 09:04   

I have experienced a problem that could be quite hard to debug. Be
careful if you are going to upgrade mysql to mysqli, one thing to note
is the use of "mysql_fetch_row" vs "mysqli_fetch_row".

mysql: "returns ...or FALSE if there are no more rows. "
mysqli: "returns ...or NULL if there are no more rows. "

This can take up to infinite hours to trace. It will only tell you it
has a memory exhaust if you are checking returned value as === false.

refs: [^] [^]

2013-02-06 09:34   
At the moment it is hard to think if currently we have any issues but it might be something useful once we will do the upgrade.
2013-12-22 10:52   
Enabled mysqli db access functions (install still needs testing)
2013-12-28 12:49   
closed for ATutor 2.2