零零乙
2012-10-12 13:18
采纳率: 50%
浏览 704
已采纳

为什么我不应该在 PHP 中使用 mysql * 函数?

What are the technical reasons for why one shouldn't use mysql_* functions? (e.g. mysql_query(), mysql_connect() or mysql_real_escape_string())?

Why should I use something else even if they work on my site?

If they don't work on my site, why do I get errors like

Warning: mysql_connect(): No such file or directory

转载于:https://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php

  • 写回答
  • 好问题 提建议
  • 追加酬金
  • 关注问题
  • 邀请回答

14条回答 默认 最新

  • Lotus@ 2012-10-27 15:20
    最佳回答

    The MySQL extension:

    • Is not under active development
    • Is officially deprecated as of PHP 5.5 (released June 2013).
    • Has been removed entirely as of PHP 7.0 (released December 2015)
      • This means that as of 31 Dec 2018 it will not exist in any supported version of PHP. Currently, it only gets security updates.
    • Lacks an OO interface
    • Doesn't support:
      • Non-blocking, asynchronous queries
      • Prepared statements or parameterized queries
      • Stored procedures
      • Multiple Statements
      • Transactions
      • The "new" password authentication method (on by default in MySQL 5.6; required in 5.7)
      • All of the functionality in MySQL 5.1

    Since it is deprecated, using it makes your code less future proof.

    Lack of support for prepared statements is particularly important as they provide a clearer, less error-prone method of escaping and quoting external data than manually escaping it with a separate function call.

    See the comparison of SQL extensions.

    评论
    解决 无用
    打赏 举报
查看更多回答(13条)

相关推荐 更多相似问题