Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:53966 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 23918 invoked from network); 15 Jul 2011 01:37:55 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 15 Jul 2011 01:37:55 -0000 Authentication-Results: pb1.pair.com smtp.mail=larry@garfieldtech.com; spf=permerror; sender-id=unknown Authentication-Results: pb1.pair.com header.from=larry@garfieldtech.com; sender-id=unknown Received-SPF: error (pb1.pair.com: domain garfieldtech.com from 66.111.4.28 cause and error) X-PHP-List-Original-Sender: larry@garfieldtech.com X-Host-Fingerprint: 66.111.4.28 out4.smtp.messagingengine.com Received: from [66.111.4.28] ([66.111.4.28:44407] helo=out4.smtp.messagingengine.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 56/C0-16893-2F99F1E4 for ; Thu, 14 Jul 2011 21:37:55 -0400 Received: from compute6.internal (compute6.nyi.mail.srv.osa [10.202.2.46]) by gateway1.messagingengine.com (Postfix) with ESMTP id C0E8120809 for ; Thu, 14 Jul 2011 21:37:51 -0400 (EDT) Received: from frontend2.messagingengine.com ([10.202.2.161]) by compute6.internal (MEProxy); Thu, 14 Jul 2011 21:37:51 -0400 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=messagingengine.com; h=message-id:date:from:mime-version:to:subject:references:in-reply-to:content-type:content-transfer-encoding; s=smtpout; bh=gfpo48EU6MoxtMaeVYZA+XL+JxU=; b=ctBkEoy9krlneZd9FTOVwB510vESAp64y10DOcPucbxzMGFPPSUlv/+KeAl8OA2esraz2WjYwkWj/F0Q3F3Km/H4IZGAd29ydwvr/CdUdK8nSgxhShDGtAaV0ikvrH9F58uXGEQGft5M8aXlUeoNy04HsyPt+tSFRTxtf02U4EY= X-Sasl-enc: fGYwNgBXcVfDxJgckgnyEUKKgKTcaR2FcO4nxqSQDKK3 1310693871 Received: from linux-nkec.site (c-71-57-95-65.hsd1.il.comcast.net [71.57.95.65]) by mail.messagingengine.com (Postfix) with ESMTPSA id 8739944712E for ; Thu, 14 Jul 2011 21:37:51 -0400 (EDT) Message-ID: <4E1F9AD0.8000706@garfieldtech.com> Date: Thu, 14 Jul 2011 20:41:36 -0500 User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.18) Gecko/20110616 SUSE/3.1.11 Thunderbird/3.1.11 MIME-Version: 1.0 To: internals@lists.php.net References: <9F1FA580-FD3F-4C3F-9E26-51A095CF6EE9@roshambo.org> In-Reply-To: <9F1FA580-FD3F-4C3F-9E26-51A095CF6EE9@roshambo.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: [PHP-DEV] deprecating ext/mysql From: larry@garfieldtech.com (Larry Garfield) On 07/10/2011 12:03 PM, Philip Olson wrote: > Greetings PHP geeks, > > Don't panic! This is not a proposal to add errors or remove this popular extension. Not yet anyway, because it's too popular to do that now. > > The documentation team is discussing the database security situation, and educating users to move away from the commonly used ext/mysql extension is part of this. > > This proposal only deals with education, and requests permission to officially convince people to stop using this old extension. This means: > > - Add notes that refer to it as deprecated > - Recommend and link alternatives > - Include examples of alternatives > > There are two alternative extensions: pdo_mysql and mysqli, with PDO being the PHP way and main focus of future endeavors. Right? Please don't digress into the PDO v2 fiasco here. > > What this means to ext/mysql: > > - Softly deprecate ext/mysql with education (docs) starting today > - Not adding E_DEPRECATED errors in 5.4, but revisit for 5.5/6.0 > - Add pdo_mysql examples within the ext/mysql docs that mimic the current > examples, but occasionally introduce features like prepared statements > - Focus energy on cleaning up the pdo_mysql and mysqli documentation > - Create a general "The MySQL situation" document that explains the situation > > The PHP community has been recommending alternatives for several years now, so hopefully this won't be a new concept or shock to most users. > > Regards, > Philip A-frickin'-men! :-) Just today I was talking to a new developer in #PHP in IRC who had code with mysql_* calls in it. I don't know where he found them, but I told him to put them back where he found them right away and use PDO instead. That people are still learning ext/mysql in this day and age is quite sad. There's millions of lines of code out there we can't break yet, but we can absolutely structure documentation so that we don't produce even more PHP developers who mistakenly think that mysql_query() is a good idea. +1 --Larry Garfield