Chapter 10 Answers

Question 10-1

The standard MySQL function used for connecting to a MySQL database is mysql_connect.

Question 10-2

The mysql_result function is not optimal when more than one cell is being requested, because it fetches only a single cell from a database and therefore has to be called multiple times, whereas mysql_fetch_row will fetch an entire row.

Question 10-3

The POST form method is generally better than GET, because the fields are posted directly, rather than appending them to the URL. This has several advantages, particularly in removing the possibility to enter spoof data at the browser’s address bar. (It is not a complete defense against spoofing, however.)

Question 10-4

To determine the last entered value of an AUTO_INCREMENT column, use the mysql_insert_id function.

Question 10-5

The PHP function that escapes a string, making it suitable for use with MySQL, is mysql_real_escape_string.

Question 10-6

Cross Site Scripting injection attacks can be prevented using the function htmlentities.

Get Learning PHP, MySQL, and JavaScript now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.