by 9dev
1216 days ago
Read this article for a primer on why PDO is a vastly better choice: https://phpdelusions.net/pdo#why And the fact that it’s 2023 and we’re somehow ok with the biggest web application there is not using parametrised queries in its core completely stumps me. Time and time again, SQL injection attacks in WordPress or its plugins pop up. PDO with parametrised queries simply eliminates this issue.

True, but plugin authors not caring about using them is the primary issue, and that doesn't change just because wpdb uses a different API under the hood.
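
The two points made in this thread, as an added example that is not part of either comment and is not WordPress or wpdb code: the same lookup through PDO, once with the value concatenated into the SQL text and once with a bound parameter. The table, the function names and the input are constructed for illustration, and the example assumes the pdo_sqlite extension is available.

```php
<?php
// Added example: constructed data, in-memory SQLite, hypothetical function names.
declare(strict_types=1);

function makeDb(): PDO
{
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE authors (id INTEGER PRIMARY KEY, name TEXT)');
    $insert = $pdo->prepare('INSERT INTO authors (name) VALUES (:name)');
    foreach (['Alice', "O'Brien"] as $name) {
        $insert->execute([':name' => $name]);
    }
    return $pdo;
}

// Plugin-style lookup that concatenates its input. PDO is the API in use,
// but the value becomes part of the SQL text, so it is parsed as syntax.
function findConcatenated(PDO $pdo, string $name): array
{
    $sql = "SELECT id, name FROM authors WHERE name = '" . $name . "'";
    return $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Same lookup with a bound parameter: the statement is fixed when it is
// prepared and the value is only ever handled as data.
function findBound(PDO $pdo, string $name): array
{
    $stmt = $pdo->prepare('SELECT id, name FROM authors WHERE name = :name');
    $stmt->execute([':name' => $name]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

$pdo = makeDb();
$input = "O'Brien"; // constructed input containing a quote character

try {
    findConcatenated($pdo, $input);
    echo "concatenated: query ran\n";
} catch (PDOException $e) {
    // The quote in the input changed the structure of the statement.
    echo "concatenated: input altered the SQL (", $e->getMessage(), ")\n";
}

$rows = findBound($pdo, $input);
echo "bound: ", count($rows), " row(s) for ", $rows[0]['name'], "\n";
```

The concatenated version fails on an ordinary surname because the input is parsed as SQL, which is the condition injection depends on; the bound version returns the matching row. Both go through PDO, so the difference comes from how the calling code builds the query.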