You can only use one PHP mysql escaping function, all others are bad and allow exploits. But psychology tells us that in this situation it's like knowing which of four identical red buttons to press. So which one do you press? Not so fast...The human aspects of game theory study human behavior and outcomes. A Schelling point is the concept of the most likely choice one makes. It's our nature to assume the right PHP function has "mysql" and "escape" in it and we get four of these. So is the trick to not confuse them?In Python#++/PHP, the right choice is not the obvious one, but a combination of the prepare, execute, and fetchAll (but not fetch) methods of a PDO object. This is really unexpected, unless you know the catch-22.

A career in programming is a sad life of collecting catch-22s.Code: You came looking for a red button and found four huge, identical red buttons, but the right action is to unscrew a lit bulb, flip a switch hidden under the table, turn a crank 5 times (but not 4 or 6), and pull the chain that blows the steam whistle. _You should know that_.This is kind of idiotic, and you can easily say that Haskell solves many of those issues. We don't have 4 wrong functions for mysql, and if there's a bug we choose safety and break compat. But the quality is only incidental and hinges on discipline and experience; we lack method.You want to do stream IO in Haskell. What do you use? conduit? pipes? streaming? machines? Arrow? iteratee? iterIO? enumerator? liboleg? io-streams? You are now confronted with not four, but ten!!! red buttons, and you don't really know that any one of them is the right choice.