The problem:
I can't use odbc_prepare or PDO->prepare with my queries because the driver I'm using (HyperFileSQL) has many issues. So, what can I do?
Details:
- I'm able to use PDO for some queries when my data doesn't contain big strings (more than 255 characters), so I can use prepared statements without problems, but with some queries, I can't since they return data with big strings (driver problem I guess)
- So, I'm using odbc for these queries. But when I try odbc_prepare, the driver says the following :
"Function SQLGetDescribeParam not supported by the driver, SQL state IM00 in SQLDescribeParameter"
- I checked the following recommendations but can't find anything working for me (in the propers solutions): How can I prevent SQL injection in PHP?
So... I guess I have the following options :
- Hardcode to escape bad caracters
- Migrate data to MySQL and use PDO or ODBC that will work I guess
- Execute queries with PDO to return the data ID (so I can protect my statement), and then use odbc to return my big strings, using the ID returned by PDO...
- Change my job to cook some delicious cookies
I still have hopes, so please, tell me there are easier and proper solutions.