From: ldo@nz.invalid   
      
   On Wed, 9 Jul 2025 15:33:50 -0400, Arne Vajhøj wrote:   
      
   > On 7/9/2025 3:25 AM, Lawrence D'Oliveiro wrote:   
   >>   
   >> On Tue, 8 Jul 2025 21:54:20 -0400, Arne Vajhøj wrote:   
   >>>   
   >>>    
   >>> Defense Option 4: STRONGLY DISCOURAGED: Escaping All User-Supplied   
   >>> Input    
   >>   
   >> Unfortunately, you often have no choice.   
   >   
   > You practically always have a choice.   
      
   Fine. Show alternatives to the code I posted that offers this “choice” you   
   speak of.   
      
   > Your escape function does not have database connection either.   
      
   Which one? Naturally escaping/quoting is a common need every time you   
   encounter the situation of embedding one language inside another.   
      
   > Reporting of SQL errors is not optional in PHP.   
      
   If it wasn’t “optional”, why would you need to enable it via the   
   “error_reporting()” function?   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)