Skip to content

Instantly share code, notes, and snippets.

@MadaraUchiha
Last active May 9, 2019 23:07
Show Gist options
  • Save MadaraUchiha/3881905 to your computer and use it in GitHub Desktop.
Save MadaraUchiha/3881905 to your computer and use it in GitHub Desktop.
Don't use MySQL functions in PHP - Comment for Stack Overflow
[**Please, don't use `mysql_*` functions in new code**](http://bit.ly/phpmsql). They are no longer maintained [and are officially deprecated](http://j.mp/XqV7Lp). See the [**red box**](http://j.mp/Te9zIL)? Learn about [*prepared statements*](http://j.mp/T9hLWi) instead, and use [PDO](http://php.net/pdo) or [MySQLi](http://php.net/mysqli) - [this article](http://j.mp/QEx8IB) will help you decide which. If you choose PDO, [here is a good tutorial](http://j.mp/PoWehJ).

Please, don't use mysql_* functions in new code. They are no longer maintained and are officially deprecated. See the red box? Learn about prepared statements instead, and use PDO or MySQLi - this article will help you decide which. If you choose PDO, here is a good tutorial.

@PeeHaa
Copy link

PeeHaa commented Mar 14, 2013

To prevent it to look spammy I often just cherry pick the links OP needs and write a custom comment.

@MadaraUchiha
Copy link
Author

@PeeHaa, Try to see if you can fork this gist and come up with a better version that you usually give. Or do you customize the comment into the occasion?

Copy link

ghost commented Mar 16, 2013

Also, on a side note. When I first saw this being posted on SO as a new user I thought the whole:

See the red box?

Was kinda rude sounding. It makes it seem like we are saying to the OP "Are you an idiot? Can you not read?"
So, maybe remove that or reword it so it doesn't sound so harsh.

@PeeHaa
Copy link

PeeHaa commented Mar 17, 2013

@MadaraUchiha I do this on a case by case basis. So basically what I am saying is that I just manually write a comment and add the links that OP needs.

@swamimayank
Copy link

it could be like You are using an obsolete database API and should use a modern replacement.

  You are using [an obsolete database API](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php) and should use a [modern replacement.](http://php.net/manual/en/mysqlinfo.api.choosing.php)

@Tar-Minyatur
Copy link

**Careful!** The `mysql_*` functions are [old and should not be used anymore](http://bit.ly/phpmsql). Please have a look at [PDO](http://php.net/pdo) or [MySQLi](http://php.net/msqli), which are better [MySQL API choices](http://php.net/manual/en/mysqlinfo.api.choosing.php).

Careful! The mysql_* functions are old and should not be used anymore. Please have a look at PDO or MySQLi, which are better MySQL API choices.

@J7mbo
Copy link

J7mbo commented Mar 18, 2013

Something about "can be dangerous in live code" would alert the user to SQL injection.

@swamimayank
Copy link

@J7mbo AFAIK mysql_* are safe as pdo or mysqli ... i think its all about deprecation of api ?

@Incognito
Copy link

Alternative language:

In most cases you want to use the PDO over mysql__. PDO is designed to work with a MySQL database better than the now deprecated mysql__.

Use of mysql_* statements may lead to data breaches and website hijacking due to the well known security vulnerabilities associated with its use. mysql_* is no longer supported by PHP and use of it will prevent you from upgrading PHP to the latest most secure, fast and stable release.

Learn how easy PDO is here

@CS1000
Copy link

CS1000 commented Apr 18, 2013

High-impact version

Less rude (no red box in your face, don't tell what to learn), more friendly:

There is no more support for mysql_* functions, they are officially deprecated, no longer maintained and will be removed in the future. You should update your code with PDO or MySQLi to ensure the functionality of your project in the future.

Copy-pasta Markdown code:

There is **no more support** for `mysql_*` functions, they are [**officially deprecated**](https://wiki.php.net/rfc/mysql_deprecation), **no longer maintained** and will be [**removed**](http://php.net/manual/en/function.mysql-connect.php#warning) in the future. You should update your code with [PDO](http://php.net/pdo) or [MySQLi](http://php.net/msqli) to ensure the functionality of your project in the future.

@qwertynl
Copy link

qwertynl commented Jan 3, 2014

@godka -- There is a typo on your mysqli link.

@maniator
Copy link

maniator commented Apr 9, 2014

Here is the fully working version of @godka's code:

There is **no more support** for `mysql_*` functions, they are [**officially deprecated**](https://wiki.php.net/rfc/mysql_deprecation), **no longer maintained** and will be [**removed**](http://php.net/manual/en/function.mysql-connect.php#warning) in the future. You should update your code with [PDO](http://php.net/pdo) or [MySQLi](http://php.net/mysqli) to ensure the functionality of your project in the future.

There is no more support for mysql_* functions, they are officially deprecated, no longer maintained and will be removed in the future. You should update your code with PDO or MySQLi to ensure the functionality of your project in the future.

@benjamingr
Copy link

lame

@maniator
Copy link

@benjamingr is it though?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment