From: Peter H. <ph...@ma...> - 2007-10-04 15:16:41
On Wed, Oct 03, 2007 at 11:56:04PM -0500, jsWalter wrote:
> I'm rolling my own little DB class (pls, I don't need to hear about how
> wonderful this or that class is, thank you, I've read over 2 dozen such
> libraries) and I have a question to this group...

This, right here, is why I like reinventing wheels. You'll find yourself making design decisions that you initially didn't even notice that library creators had made. You gain a deeper understanding of the problem. (And then when I have a deep understanding I almost always throw away my code and make a now-informed choice of libraries.)

> On the other, would it be logical for the DB class to take a whack at the
> data set and to make sure each field is the data type that the database is
> expecting? Or should the developer code that as well?

Give the developer the raw data, exactly as it came in from the user, otherwise you'll make some really useful non-reversible transformation that, six months from now, you realize is a big pain for some code you're adding.

When the developer calls the API again to save to the database, that's where your code should step in to make sure that integer fields are not getting passed strings and so on. Let the API escape data and pass it to the database, then capture the database's errors and raise meaningful exceptions to the developer. This way you prevent SQL injection and don't have to reinvent all the checking the database does.

--
Peter Harkins - http://push.cx - http://NearbyGamers.com
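The save-time approach described in the message above, sketched as an added example that is not part of the original post or of any library discussed on the list. Python with `sqlite3` is an assumption, and the `DB` class, the exception names and the `users` schema are hypothetical.

```python
import sqlite3

class FieldTypeError(TypeError):
    """Raised before any SQL runs: a value has the wrong type for its column."""

class SaveError(Exception):
    """Raised when the database itself rejects the row (constraint failure)."""

# Hypothetical schema: table -> {column: expected Python type}.
SCHEMA = {"users": {"name": str, "age": int}}

class DB:
    def __init__(self, conn, schema=SCHEMA):
        self.conn, self.schema = conn, schema

    def save(self, table, row):
        columns = self.schema[table]  # identifiers come from the schema only
        for field, value in row.items():
            if field not in columns:
                raise FieldTypeError(f"{table}.{field}: unknown field")
            if type(value) is not columns[field]:  # exact match, so True is not an int
                raise FieldTypeError(
                    f"{table}.{field}: expected {columns[field].__name__}, "
                    f"got {type(value).__name__}")
        cols = ", ".join(row)
        marks = ", ".join("?" for _ in row)
        try:
            with self.conn:  # commit on success, roll back on error
                cur = self.conn.execute(
                    f"INSERT INTO {table} ({cols}) VALUES ({marks})",
                    tuple(row.values()))  # values are bound, never spliced into SQL
        except sqlite3.IntegrityError as exc:
            raise SaveError(f"{table}: database rejected row: {exc}") from exc
        return cur.lastrowid

    def fetch(self, table, rowid):
        cols = ", ".join(self.schema[table])
        return self.conn.execute(
            f"SELECT {cols} FROM {table} WHERE rowid = ?", (rowid,)).fetchone()

def open_demo():
    """In-memory database with constraints the wrapper does not re-check."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT NOT NULL UNIQUE, "
                 "age INTEGER NOT NULL CHECK (age >= 0))")
    return DB(conn)
```

The wrapper checks only types; the `UNIQUE` and `CHECK` rules stay in the database and surface as `SaveError` with the original database error attached as the cause.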