I'm taking over for a legacy PHP application that used mysql and did NOT use prepared SQL statements. I'm refactoring it to use mysqli and prepared SQL statements, so I'm wondering if I can get rid of the plethora of "mysqli_real_escape_string()" function calls that were used prior to storing the parsed JSON responses into the mysql 5.x database.
I will sanitize the output prior to spitting it out to my HTML form but hope I can simply *delete* the dozens and dozens of lines that are no longer (in my mind) necessary... I mean, doesn't BullHorn API PUT's and POST's validate for funny characters anyway?
Forum for users and developers of Bullhorn's API service.
1 post • Page 1 of 1