[wp-hackers] Making WP more secure the evolutionary way

Jacob Santos wordpress at santosj.name
Sun Jan 25 19:44:17 GMT 2009


Active Record = encapsulates data and methods.

DAO = Passes object to class methods as data.

Table Data Gateway = Data for table is part of the method parameters.

You'll have to forgive me for not knowing the minute differences between 
the three, but I don't think I'll be forgetting them any time soon, so I 
have you to thank for that.



What I was trying to say, is that there isn't any point in extending the 
current version 1.x of ezsql class API, when better libraries exist. 
When WordPress goes PHP5, then version 2.x of ezsql might be something 
to look at as well.

If the API ends up looking like:

$wpdb->select('*')->join('wp_terms')->where('somestuff', 
'something')->get('wp_taxonomy');

Then I'll probably won't be committing patches which uses that system, 
but I don't write patches that uses the current db API, so there isn't 
any relevance regardless. I might in the future, maybe. I try to stay 
away from writing patches that require SQL or modifies the WordPress 
administration.

If the proposal is something like:

$wpdb->get($table, $select, $where, $join);

Or:

$wpdb->get(array( 'table' => $table, 'select' => $select, 'where' => 
$where, 'join' => $join ));

Then, I agree, it would be neat as long as I don't have to use it and 
can still write:

$wpdb->query($mySQLStatement);

Jacob Santos


Eric Marden wrote:
>> The Active Record Pattern already has many (3: Zend Framework, ADODB, 
>> and ADODB Lite, also part of other frameworks (Yii, Code Igniter, 
>> etc) ) libraries devoted to it.
>
> Zend uses the Table Data Gateway pattern and not the Active Record 
> pattern.
>
> -e
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers



More information about the wp-hackers mailing list