StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

PO
primarykey
Id
2039004
data
AcceptedAnswerId
0
AnswerCount
0
ClosedDate
CommentCount
6
CommunityOwnedDate
CreationDate
2010-01-10T22:56:30.160
FavoriteCount
0
LastActivityDate
2010-01-10T23:22:26.877
LastEditDate
2010-01-10T23:22:26.877
LastEditorUserId
241312
OwnerUserId
241312
ParentId
2038991
PostTypeId
2
Score
0
ViewCount
0
LastEditorDisplayName
text
Body
As long as you sanitize data appropriately for your queries then you don't have to use PDO/prepared statements. Though, I would personally recommend using PDO/prepared statements simply because they do both make development/debugging easier and prepared statements prevent incorrect data types from even getting in to a query. If you want to learn more about how to create a simple prepared statement look in to the function <code>sprintf</code>. You simply replace any variable strings, integers, etc with a type specifier (in this case <code>%s</code> and <code>%d</code> respectively). So for example in the following query, I know that <code>id</code> is going to be an integer (it will be numerical) and <code>name</code> will be a string (alphanumeric). <pre><code>$username = 'Simon'; $id = 3; $query = "SELECT FROM `users` WHERE `id` = {$id} AND `name` = '{$username}'"; </code></pre> If I'm getting either of this variables from an un-trusted source (such as a POST/GET) then I can make sure they are the correct data types by replacing the final line (the $query set) with a <code>sprintf</code> call like this: <pre><code>$username = 'Simon'; $id = 3; $query = sprintf( "SELECT FROM `users` WHERE `id` = %d AND `name` = '%s'", $id, $username ); </code></pre> <code>sprintf</code> will simply not let me use a string for the $id or an integer for the $name when it is called which ensures the correct types of data are given (this gives me that little extra bit of security). IF incorrect data types ARE given then I believe it'll cast the variables to the requested type. To read more about <code>sprintf</code> visit here: <a href="http://php.net/sprintf" rel="nofollow noreferrer">http://php.net/sprintf</a> I hope this explains enough (it's my first answer) :).
Tags
Title
singulars
PostAcceptedAnswerId
1. This table or related slice is empty.
PostParentId
1. POShould I really be using PDO and prepared statements?
 singulars
 PostTypePostTypeId
 PTQuestion
PostTypePostTypeId
1. PTAnswer
UserLastEditorUserId
1. USSimon
UserOwnerUserId
1. USSimon
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. This table or related slice is empty.
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 PO
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
2. VO
 singulars
 PostPostId
 PO
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTDownMod
3. VO
 singulars
 PostPostId
 PO
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
CommentsPostId

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.