[wp-hackers] Making WP more secure the evolutionary way

Daniel Torreblanca regulatethis at gmail.com
Mon Jan 26 03:22:58 GMT 2009


I really think that Florian's thread is starting to get hijacked, but
as far as syntax goes, I really enjoy working with CakePHP's find()
arguments.

e.g. $this->Listing->find('all', array('conditions' => array('User.id'
=> $user['id']), 'order' => 'Listing.created DESC'));

It gives me the ability to still use SQL syntax directly but the
safety and consistency of more abstraction. The above example is quite
simple, I've used much more complicated ones, and this system makes
generating very dynamic queries easy.
e.g.

Daniel

On Sun, Jan 25, 2009 at 2:44 PM, Jacob Santos <wordpress at santosj.name> wrote:
> Active Record = encapsulates data and methods.
>
> DAO = Passes object to class methods as data.
>
> Table Data Gateway = Data for table is part of the method parameters.
>
> You'll have to forgive me for not knowing the minute differences between the
> three, but I don't think I'll be forgetting them any time soon, so I have
> you to thank for that.
>
>
>
> What I was trying to say, is that there isn't any point in extending the
> current version 1.x of ezsql class API, when better libraries exist. When
> WordPress goes PHP5, then version 2.x of ezsql might be something to look at
> as well.
>
> If the API ends up looking like:
>
> $wpdb->select('*')->join('wp_terms')->where('somestuff',
> 'something')->get('wp_taxonomy');
>
> Then I'll probably won't be committing patches which uses that system, but I
> don't write patches that uses the current db API, so there isn't any
> relevance regardless. I might in the future, maybe. I try to stay away from
> writing patches that require SQL or modifies the WordPress administration.
>
> If the proposal is something like:
>
> $wpdb->get($table, $select, $where, $join);
>
> Or:
>
> $wpdb->get(array( 'table' => $table, 'select' => $select, 'where' => $where,
> 'join' => $join ));
>
> Then, I agree, it would be neat as long as I don't have to use it and can
> still write:
>
> $wpdb->query($mySQLStatement);
>
> Jacob Santos
>
>
> Eric Marden wrote:
>>>
>>> The Active Record Pattern already has many (3: Zend Framework, ADODB, and
>>> ADODB Lite, also part of other frameworks (Yii, Code Igniter, etc) )
>>> libraries devoted to it.
>>
>> Zend uses the Table Data Gateway pattern and not the Active Record
>> pattern.
>>
>> -e
>> _______________________________________________
>> wp-hackers mailing list
>> wp-hackers at lists.automattic.com
>> http://lists.automattic.com/mailman/listinfo/wp-hackers
>
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
>


More information about the wp-hackers mailing list