rspec/rules/S2077/php/comments-and-links.adoc

=== on 27 Jul 2015, 12:37:52 Ann Campbell wrote:
Ref: \http://code.tutsplus.com/tutorials/php-database-access-are-you-doing-it-correctly--net-25338

=== on 27 Jul 2015, 12:38:13 Ann Campbell wrote:
back to you for double-checking [~alexandre.gigleux]

=== on 1 Sep 2016, 14:48:21 Alexandre Gigleux wrote:
LGTM

=== on 22 Oct 2018, 13:30:30 Nicolas Harraudeau wrote:
*Implementation details*:

The functions listed above don't support prepared statements, thus the only way to provide parameters is to concatenate strings. An issue will be created if it cannot be proven that the SQL string is hardcoded. For example an issue will be created if the SQL string is provided as a variable to the current method. If on the contrary the variable is local to the method and is assigned a hard-coded string there will be no issue raised.


For other functions which support prepared statement, the default behavior should be inverted. If the string cannot be proven to be concatenated there is no issue. Thus no issue will be created if the SQL string is provided as a variable to the current method.

include::../comments-and-links.adoc[]
Fix the comment display: rule-id, timestamp, GH visibility, link direction 2021-06-03 09:05:38 +02:00			`=== on 27 Jul 2015, 12:37:52 Ann Campbell wrote:`
Export comments and rspec-to-rspec links from jira 2021-06-02 20:44:38 +02:00			`Ref: \http://code.tutsplus.com/tutorials/php-database-access-are-you-doing-it-correctly--net-25338`

Fix the comment display: rule-id, timestamp, GH visibility, link direction 2021-06-03 09:05:38 +02:00			`=== on 27 Jul 2015, 12:38:13 Ann Campbell wrote:`
Export comments and rspec-to-rspec links from jira 2021-06-02 20:44:38 +02:00			`back to you for double-checking [~alexandre.gigleux]`

Fix the comment display: rule-id, timestamp, GH visibility, link direction 2021-06-03 09:05:38 +02:00			`=== on 1 Sep 2016, 14:48:21 Alexandre Gigleux wrote:`
Export comments and rspec-to-rspec links from jira 2021-06-02 20:44:38 +02:00			`LGTM`

Fix the comment display: rule-id, timestamp, GH visibility, link direction 2021-06-03 09:05:38 +02:00			`=== on 22 Oct 2018, 13:30:30 Nicolas Harraudeau wrote:`
Export comments and rspec-to-rspec links from jira 2021-06-02 20:44:38 +02:00			`Implementation details:`

			`The functions listed above don't support prepared statements, thus the only way to provide parameters is to concatenate strings. An issue will be created if it cannot be proven that the SQL string is hardcoded. For example an issue will be created if the SQL string is provided as a variable to the current method. If on the contrary the variable is local to the method and is assigned a hard-coded string there will be no issue raised.`


			`For other functions which support prepared statement, the default behavior should be inverted. If the string cannot be proven to be concatenated there is no issue. Thus no issue will be created if the SQL string is provided as a variable to the current method.`

			`include::../comments-and-links.adoc[]`