| Subject: | The connect method has a bug, it... |
|---|
| Summary: | Package rating comment |
|---|
| Messages: | 1 |
|---|
| Author: | Timo Reitz |
|---|
| Date: | 2010-02-26 11:22:25 |
|---|
| |
|
|
Timo Reitz rated this package as follows:
| Utility: | Bad |
|---|
| Consistency: | Sufficient |
|---|
|
|
 Timo Reitz - 2010-02-26 11:22:26 The connect method has a bug, it returns the connection before setting the database, rendering the corresponding argument useless. This avoids just another bug, where instead of mysql_select_db the inexistent mysql_selected_db is used.
The try-catch-blocks scattered around are silly, because the mysql_* functions do not throw exceptions. Even if they did, the error handling would be pointless, because just echoing the exception is very bad practice, it prevents logging.
The PHP manual recommends using the database-specific escaping functions, in this case mysql_real_escape_string, instead of the generic addslashes.
In the select method is a bug:
strlen( $where_sql - 5 )
Obviously, this should have been:
strlen ( $where_sql ) - 5
And another, more architectural thing – If I'd need more than one database connection, how could I use the class?
|
