[wp-hackers] Making WP more secure the evolutionary way

Otto otto at ottodestruct.com
Mon Jan 26 14:46:23 GMT 2009


On Sun, Jan 25, 2009 at 9:22 PM, Daniel Torreblanca
<regulatethis at gmail.com> wrote:
> I really think that Florian's thread is starting to get hijacked, but
> as far as syntax goes, I really enjoy working with CakePHP's find()
> arguments.
>
> e.g. $this->Listing->find('all', array('conditions' => array('User.id'
> => $user['id']), 'order' => 'Listing.created DESC'));
>
> It gives me the ability to still use SQL syntax directly but the
> safety and consistency of more abstraction. The above example is quite
> simple, I've used much more complicated ones, and this system makes
> generating very dynamic queries easy.

I used the Zend Table stuff for a while, and I liked it to a certain
extent. It looks like this:

$selectstmt = $table->select()->where('whatever = ?',
$whatever)->order('something ASC');
$row = $table->fetchRow($selectstmt);

This would get a row as an object (one predefined by a class for that
row type), or as a generic row if you didn't define it as something
special. You could also get multiple rows like so:
$rows = $table->fetchAll($selectstmt);

This gives you a "RowSet", which was just a fancied up array of Rows.
It's really quite clever, and the classes allow for specifying the
dependent tables as well, which could then be automatically retrieved
based on the parent tables (internally it uses joins to do this).
Clever.

-Otto


More information about the wp-hackers mailing list