[html5] r4384 - [e] (0) Replace 'replace' with 'bind' to reduce the change of people doing subst [...]
whatwg at whatwg.org
whatwg at whatwg.org
Mon Nov 30 18:13:44 PST 2009
Author: ianh
Date: 2009-11-30 18:13:42 -0800 (Mon, 30 Nov 2009)
New Revision: 4384
Modified:
source
Log:
[e] (0) Replace 'replace' with 'bind' to reduce the change of people doing substitutions.
Modified: source
===================================================================
--- source 2009-12-01 02:02:55 UTC (rev 4383)
+++ source 2009-12-01 02:13:42 UTC (rev 4384)
@@ -66146,20 +66146,19 @@
<li>
- <p>Replace each <code title="">?</code> placeholder with the value
- of the argument in the <var title="">arguments</var> array with
- the same position. (So the first <code title="">?</code>
- placeholder gets replaced by the first value in the <var
- title="">arguments</var> array, and generally the <var
- title="">n</var>th <code title="">?</code> placeholder gets
- replaced by the <var title="">n</var>th value in the <var
- title="">arguments</var> array.)</p>
+ <p>Bind each <code title="">?</code> placeholder with the value of
+ the argument in the <var title="">arguments</var> array with the
+ same position. (So the first <code title="">?</code> placeholder
+ gets bound to the first value in the <var title="">arguments</var>
+ array, and generally the <var title="">n</var>th <code
+ title="">?</code> placeholder gets bound to the <var
+ title="">n</var>th value in the <var title="">arguments</var>
+ array.)</p>
- <p class="note">Substitutions for <code title="">?</code>
- placeholders are done at the literal level, not as string
- concatenations, so this provides a way to dynamically insert
- parameters into a statement without risk of a SQL injection
- attack.</p>
+ <p class="note">Binding the <code title="">?</code> placeholders
+ is done at the literal level, not as string concatenations, so
+ this provides a way to dynamically insert parameters into a
+ statement without risk of a SQL injection attack.</p>
<p>The result is <var title="">the statement</var>.</p>
More information about the Commit-Watchers
mailing list