In this video, you will get an introduction to prepared statements: an advanced concept which completely eliminates the threat of SQL injection by separating the structure of the SQL query from the dynamic data being used in the query.
- [Narrator] Prepared statements are a feature of MySQL and…many other databases.…They are an advanced concept, but I think it's worthwhile to…introduce them so that you can understand what they are.…The general idea is you give MySQL a template…for a query that you want to run.…And you indicate places where you can…fill in the blanks later.…You can see those here are indicated by the question marks.…Then when we want to run the query, we call up our template,…we fill in the blanks, and we tell MySQL to run it.…Why do it this way?…Well, it allows us to prepare the statement once and then…reuse it again in the future.…
And that can make things faster.…When any query runs, the database has to parse it and then…develop a plan for running it.…With prepared statements, the database doe this work…one time, and then you can reuse that work for future…queries where only the variables are changing.…That can be faster.…Especially if you're doing complex queries or repeating the…query often.…More importantly, prepared statements separate the query…
- Organizing project files
- Including and requiring files
- Working with URL parameters
- Encoding dynamic content
- Modifying headers and page redirection
- Creating forms and processing form data
- MySQL basics
- Using PHP to access database tables
- Creating, reading, updating, and deleting database records with PHP
- Validating data
- Preventing SQL injection
Skill Level Beginner
1. Start a Database-Driven Project
2. Build Web Pages with PHP
3. Headers and Redirects
4. Build Forms with PHP
5. MySQL Basics
6. Use PHP to Access MySQL
7. CRUD with PHP
8. Validate Data with PHP
9. Prevent SQL Injection
Next steps1m 8s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.