Alessandro Vesely wrote:
> Indeed, to use prepared statements would be itself a good reason to review
> that code. It was added in MySQL 4.1.2, the auth code still has a conditional
> part for older MySQL versions. Should I assume we should continue supporting
> them, and use that statement only for recent versions?
I'm not sure what "older" versions means, specifically. Prepared
statements have been supported by MySQL since the production release of
4.1 in late 2004. Support for the 4.1 release ended 15 months ago. I
don't think it's appropriate to support anything older than that, and if
supporting 4.1 means a less secure or less maintainable driver, I don't
see why you'd go out of your way to support even that.