MySQL 5.0 Now Available for Production Use

chicagoan writes "MySQL AB today announced the general availability of MySQL 5.0, the most significant product upgrade in the company's ten-year history. The major new version delivers advanced SQL standard-compliant features such as stored procedures, triggers, views & new pluggable storage engines. Over 30 enterprise platform and tool vendors have also expressed enthusiastic support for the new release of the world's most popular open source database."

no x.0 for me...

[ChristTrekker]

I never get the .0 release of anything...once bitten, twice shy, I suppose. I'll stick with the 4.x series until the stability is proven.

And I've been wanting to try out Postgres anyway...

Generic Web-Frontends for MySQL

[Monkey-Man2000]

This is slightly off-topic, but I was wondering if anyone is aware of any generic web-frontends for MySQL? I can write something pretty easily that's not generic, but I'm particularly interested in something for a novice user who doesn't want to program anything. Something that can generate reports based on specified queries, that was customizable, etc.

Re:what the?

[El_Servas]

I wonder what use could you have for the sine and cosine functions in a video blog...

Oh well. Maybe i'm just old.

Re:stored procs and triggers, finally

[mattyrobinson69]

some code, php: (this might be slightly off, i cant be arsed testing it)

foreach ($_POST as $key => $value){
  $_POST['key']= preg_replace('/(\'|")/', '', $value);
}
foreach ($_GET as $key => $value){
  $_GET['key']= preg_replace('/(\'|")/', '', $value);
}

just stick that at the top of all your php scripts that do any sql (or stick it in an include file like i do). the php5 version is slightly tidier, but i use php4 myself.

Re:stored procs and triggers, finally

[christopherfinke]

That code will only end up defining $_POST["key"] and $_GET["key"] for each POST and GET argument. More likely, you meant:


foreach ($_POST as $key => $value){
    $_POST[$key]= preg_replace('/(\'|")/', '', $value);
}
foreach ($_GET as $key => $value){
    $_GET[$key]= preg_replace('/(\'|")/', '', $value);
}

and correct me if I'm wrong, but does the above just remove all single and double quotes from all GET and POST vars? Some people may need those characters... Why not just use stripslashes (if you have magic quoting on) and mysql_escape_string?

foreach ($_GET as $key => $val) $_GET[$key] = stripslashes($val);

$query = "UPDATE ... SET `field`='".mysql_escape_string($_GET["foo"])."' WHERE ... ";

Re:stored procs and triggers, finally

[Ford+Prefect]

[C]orrect me if I'm wrong, but does the above just remove all single and double quotes from all GET and POST vars? Some people may need those characters... Why not just use stripslashes (if you have magic quoting on) and mysql_escape_string?

That's what I do - I enforce that all strings are completely unadorned with any extra escape-slashes junk, and always add them in when they're actually needed. Likewise for numbers - I'll cast them to integers as appropriate, so they can't actually be strings in disguise.

$query = "SELECT blah FROM ".DB_PREFIX."foo WHERE badger = '".mysql_escape_string( $badger )."' AND id = ".(integer )$id." ";

I do this completely automatically now; it actually makes the SQL in my PHP quite nice to read with syntax highlighting, as I know exactly what each variable is supposed to contain. Doing it consistently is a great help, too...