[wp-hackers] Making WP more secure the evolutionary way

Mike Schinkel mikeschinkel at newclarity.net
Tue Jan 27 07:25:40 GMT 2009

"Otto" <otto at ottodestruct.com> wrote:
> That's the beauty of overloading. Remember that Zend DB stuff 
> I was talking about before? Using that, you can just as easily 
> query with SQL directly. $db->fetchAll('select whatever') works 
> just as well there too. The API functionality is meant to add 
> to the base, not take away from it. Sometimes it's better to 
> build a query dynamically, in parts. Sometimes, it's not.

I think you understood my last point to be the inverse of what I was asking for. My last point wasn't about it being ok/better/worse better to query with SQL and sometimes without, but that if you are going to move ahead with an abstraction layer written in PHP I was asking that you (collectively) at least do the community a favor and also create a MySQL client that can allow someone to interactively query a MySQL database using your abstraction layered PHP code vs. someone having to unravel it by hand into SQL to test in a MySQL client that only understand MySQL.  With eval() in PHP, it wouldn't be that hard.


More information about the wp-hackers mailing list