Hi, I'm looking for the best way to design the data abstraction layer of my application. The application is using the MVC design, so this'll be the model. Here's what I have so far. I'd like some pros and cons, and maybe alternative solutions.
At the bottom I have an adapter. Actually I only have one (MySQL, using the standard MySQL extension) and a half (SQLite, using the standard SQLite extension) so far. I'm going to need MSSQL too in the near future.
The adapter is fabricated by a factory method like this:
$Connection = Connection::factory("mysql://user:password@host:port/database");
It has basic methods like query(), escape(), getInsertKey() and so on. In addition I have an extended version of each adapter which has methods like getDatabases(), getTables(), createTable(), renameTable() and so on.
So this is the adapter.
On top of the adapter i build getter and setter classes which i guess you could say is the actual models (the adapters are part of the framework). I have two classes for most tables. One representing the entire table and one representing one specific record. Heres an example:
$Users = new Users ( $Connection );
$Users->create()->set( "Email", "user@domain.org" )->set( "Nickname", "paralyzah" )->update();
The second line may be confusing. Most methods in the record class return itself. So, what's happening here is I create a new object representing the entire table. I create a new record, which is not actually created in the database yet. I set some values of some fields. And last, I update it. Now it's created in the database. Since this is a new record, the update method will figure out that and use INSERT instead of UPDATE.
The point is anyway that I have two classes for most tables, and they are merely getter and setter classes that takes care of the SQL statements needed.
Here's a specific question: In the setter methods, I validate the data. i.e. If it's a string I escape it (to prevent SQL injection) and if it's an email this is the place I make sure that it is. If the data doesn't validate, an exception is thrown, so I can handle that some place else. Is it a good or a bad idea to do this kind of validation here?
This is basically it for the data abstraction layer.
Above this, I'm in the business logic layer. Here I may have other classes that do business logic related to users (or whatever). i.e. I usually have a method like hasAccess() which determines whether a user has access to a specific area (or unit of code to be correct):
if ( $SignedInUser->hasAccess( 2 ) ) { // 2 is the key for the access area.
// Access granted.
} else {
// Access denied.
}
What other ways are the to solve this? If I were to use PDO, would that be just another adapter or would it be wise to follow a totally different design pattern?
Thanks in advance guys! Hope this sparks a great debate!