06-26-2008, 01:32 PM
Join Date: May 2008
Yeah, I have a database abstraction class too. I just happened to use mysql_real_escape_string in the example for better understanding;
usually, my queries look like:
$this->db->query(sprintf("SELECT blah blah blah x = '%s'", $this->db->safe($_POST['var'])));
I love it because if all is well with the query, it just returns and is ready for processing, but if an error happens (crucial), if I have debug turned on, it will output what I passed in as the query, error message, etc. In production, it sends an email to me so I can catch SQL injection attempts and the like.
Plus, should I ever change databases, I simply need to change the code in the query() method. Gotta love it :)
There are No Stupid Questions. But there are a LOT of Inquisitive Idiots.
Posted by drewbee
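The pattern described in the post above (one query() entry point, verbose errors with debug on, an out-of-band report in production), sketched as an added example that is not drewbee's class or code from the thread. It swaps the post's sprintf() plus safe() escaping for PDO bound parameters; the Db class, $debug flag and $notify callback are hypothetical names, the data is constructed, and the pdo_sqlite extension is assumed so it runs offline.

```php
<?php
// Added example, not the poster's class: Db, $debug and $notify are hypothetical names.
final class Db
{
    private PDO $pdo;
    private bool $debug;
    /** @var callable receives the report text in production (e.g. a mail wrapper) */
    private $notify;

    public function __construct(PDO $pdo, bool $debug, callable $notify)
    {
        $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        $this->pdo = $pdo;
        $this->debug = $debug;
        $this->notify = $notify;
    }

    /** Runs $sql with bound $params; returns rows, or null after reporting a failure. */
    public function query(string $sql, array $params = []): ?array
    {
        try {
            $stmt = $this->pdo->prepare($sql);
            $stmt->execute($params);
            return $stmt->fetchAll(PDO::FETCH_ASSOC);
        } catch (PDOException $e) {
            $report = "Query failed: {$e->getMessage()}\nSQL: {$sql}\nParams: " . json_encode($params);
            if ($this->debug) {
                echo $report, "\n";       // development: show query and error to the developer
            } else {
                ($this->notify)($report); // production: report out of band, show nothing to the client
            }
            return null;
        }
    }
}

// Constructed sample data in an in-memory SQLite database.
$pdo = new PDO('sqlite::memory:');
$pdo->exec("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)");
$pdo->exec("INSERT INTO users (name) VALUES ('alice'), ('bob')");

$sent = [];
$db = new Db($pdo, false, function (string $msg) use (&$sent) { $sent[] = $msg; });

$input = "alice' OR '1'='1"; // constructed value standing in for $_POST['var']
var_dump($db->query("SELECT id FROM users WHERE name = ?", [$input])); // empty: bound as data, not SQL
var_dump($db->query("SELECT id FROM users WHERE name = ?", ['bob']));  // one row
var_dump($db->query("SELECT id FROM missing_table WHERE x = ?", [$input])); // null, report queued
echo count($sent), " report(s) queued\n";
```

Because the report carries the raw SQL and parameters, the production branch should deliver it only to a channel the client cannot read, which is what the $notify callback stands in for.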