I read here that using the old mysql-functions is not recommended anymore. But is it of any use to make the effort to update the code in an already finshed and running project so only mysqli-functionality is used?
What would be the benefits?
What security issues would be enhanced?
分享 If you have you security all right in the current project, it wouldn't be enhanced then.
Though, it is extremely common habit of PHP users to confuse security measures, so, you have to double-check. Say, if you're using a home-brewed version of magic quotes, by escaping all input parameters - you're in danger.
You need to audit the security despite of changing drivers though.
And you can achieve them without moving to mysqli, though.
As of benefits - there are none, compared to all the pains of rewriting.
If you're still in the mood of rewriting, I have a suggestion:
Instead of just rewriting from one raw API to another, let me suggest you to adopt some database abstraction library, moving raw API calls from all of your code into one compact place.
It will not only make your code dramatically shorter, but also will help in the future, when someone will have a whim to deprecate mysqli in turn - you will have to rewrite your class' methods only, not all the code.
分享
