When inserting data into a PostgreSQL database through PHP, should I embed the data in a sql INSERT
statement within the function pg_query
, or would it be more secure to pass the data through an array into the pg_insert
function?
My guess would be pg_insert
since it's just inserting the data directly into the table rather than querying the table and then inserting it.
Please visit http://php.net/manual/en/book.pgsql.php for reference to these 2 functions.