We need to remind ourselves why mysql_connect is going away. First and foremost it has bad garbage collection, especially in mysql_pconnect. Not to mention mysqli and pro handle sql injection prevention on their own, without the new developers having to sanitize input. While it does help new developers to learn this, many don't so there's a lot of code floating around still vulnerable.
Dave Smith - 2015-07-02 12:39:28 - In reply to message 1 from Dave Wilson
While I agree, that in the long run this change will be a good thing, there will be some blow back initially.
It is also probably not the best idea to leave new developers with the idea that they no longer need to sanitize user input. I believe the best practice is to use prepared statements over relying on MySQLi, which is still vulnerable.
Dave Wilson - 2015-07-02 20:25:26 - In reply to message 2 from Dave Smith
Correct. And thus I feel that mysqli is still capable of inherently teaching these concepts, and still offers PDO as a more rock solid solution. The great thing about mysqli over mysql is it has object oriented and procedural methods, so it can be in a sense a better learning gateway towards OOP based queries.