
PHP

Name: Anonymous 2013-07-09 13:31

Since most of the /g/tards are presumably gone by now, I want to hear your PHP conspiracy theories again, /prog/. They're a bit intriguing.

Name: Anonymous 2013-07-10 4:25

>>6
Take for example the argument made in the "fractal of bad design" blog post where it talks about SQL sanitation and why using mysql_real_escape_string() is unsafe and poor design. This is an argument made against an archaic part of PHP; you don't even need to use a framework for SQL sanitizing. There's a class called "PDO" that's a part of the standard library that allows you to bind variables to a SQL string, escaping them in the process. But a framework makes it even easier. Take Laravel as an example: running DB::table('touhous')->where('name', 'LIKE', 'Genjii')->first(); produces select * from `touhous` where `name` like 'Genjii' limit 1, all variables escaped, no possibility of SQL injection.

In fact most of the arguments in that article are made against archaic use of PHP. It's like the writer thinks PHP hasn't progressed since 2000.
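
The PDO binding mentioned in the post above, as an added example that is not part of the original thread: string concatenation beside a bound parameter, plus the LIKE case from the Laravel query, where binding prevents injection but leaves % and _ acting as wildcards. The in-memory SQLite database, the table rows, the sample input and the function names are constructed for illustration.

```php
<?php
// Constructed fixture: in-memory SQLite so the example runs offline.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE touhous (id INTEGER PRIMARY KEY, name TEXT)');
$pdo->exec("INSERT INTO touhous (name) VALUES ('Genjii'), ('Reimu'), ('Marisa')");

// Before: the value is pasted into the SQL text, so a quote inside it
// ends the string literal and the rest is parsed as SQL.
function findConcat(PDO $pdo, string $name): array
{
    return $pdo->query("SELECT name FROM touhous WHERE name = '$name'")
               ->fetchAll(PDO::FETCH_COLUMN);
}

// After: the SQL text is fixed at prepare() time and the value is bound
// as data, so it can never alter the statement's structure.
function findBound(PDO $pdo, string $name): array
{
    $stmt = $pdo->prepare('SELECT name FROM touhous WHERE name = :name');
    $stmt->execute([':name' => $name]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// LIKE: a bound value is still a pattern. Escape %, _ and the escape
// character itself when the caller's text must match literally.
function findLikeLiteral(PDO $pdo, string $term): array
{
    $stmt = $pdo->prepare("SELECT name FROM touhous WHERE name LIKE :t ESCAPE '\\'");
    $stmt->execute([':t' => addcslashes($term, '%_\\')]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Constructed input that turns the concatenated WHERE clause into a tautology.
$input = "x' OR '1'='1";

printf("concatenated: %d row(s)\n", count(findConcat($pdo, $input)));
printf("bound:        %d row(s)\n", count(findBound($pdo, $input)));
printf("LIKE '%%' taken literally: %d row(s)\n", count(findLikeLiteral($pdo, '%')));
printf("LIKE 'Genjii':            %d row(s)\n", count(findLikeLiteral($pdo, 'Genjii')));
```

With the MySQL driver, PDO emulates prepared statements by default; setting PDO::ATTR_EMULATE_PREPARES to false makes the server receive the statement and the values separately.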
