W3C home > Mailing lists > Public > public-html-commits@w3.org > December 2009

html5/webdatabase Overview.html,1.48,1.49

From: Ian Hickson via cvs-syncmail <cvsmail@w3.org>
Date: Tue, 01 Dec 2009 02:13:48 +0000
To: public-html-commits@w3.org
Message-Id: <E1NFIFQ-0003yL-VR@lionel-hutz.w3.org>
Update of /sources/public/html5/webdatabase
In directory hutz:/tmp/cvs-serv15251

Modified Files:
	Overview.html 
Log Message:
Replace 'replace' with 'bind' to reduce the change of people doing substitutions. (whatwg r4384)

Index: Overview.html
===================================================================
RCS file: /sources/public/html5/webdatabase/Overview.html,v
retrieving revision 1.48
retrieving revision 1.49
diff -u -d -r1.48 -r1.49
--- Overview.html	1 Dec 2009 02:02:59 -0000	1.48
+++ Overview.html	1 Dec 2009 02:13:46 -0000	1.49
@@ -518,17 +518,17 @@
 
    <li>
 
-    <p>Replace each <code title="">?</code> placeholder with the value
-    of the argument in the <var title="">arguments</var> array with
-    the same position. (So the first <code title="">?</code>
-    placeholder gets replaced by the first value in the <var title="">arguments</var> array, and generally the <var title="">n</var>th <code title="">?</code> placeholder gets
-    replaced by the <var title="">n</var>th value in the <var title="">arguments</var> array.)</p>
+    <p>Bind each <code title="">?</code> placeholder with the value of
+    the argument in the <var title="">arguments</var> array with the
+    same position. (So the first <code title="">?</code> placeholder
+    gets bound to the first value in the <var title="">arguments</var>
+    array, and generally the <var title="">n</var>th <code title="">?</code> placeholder gets bound to the <var title="">n</var>th value in the <var title="">arguments</var>
+    array.)</p>
 
-    <p class="note">Substitutions for <code title="">?</code>
-    placeholders are done at the literal level, not as string
-    concatenations, so this provides a way to dynamically insert
-    parameters into a statement without risk of a SQL injection
-    attack.</p>
+    <p class="note">Binding the <code title="">?</code> placeholders
+    is done at the literal level, not as string concatenations, so
+    this provides a way to dynamically insert parameters into a
+    statement without risk of a SQL injection attack.</p>
 
     <p>The result is <var title="">the statement</var>.</p>
 
Received on Tuesday, 1 December 2009 02:13:51 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 1 December 2009 02:13:51 GMT