Drongo_III Posted March 18, 2017 Share Posted March 18, 2017 (edited) Hello I have what might be a really basic question. Lets say I have a table data gateway which is dedicated to a 'users' table. When it comes to saving a user is it better to pass the User Model to the database layer or collapse the User Model into an associative array and pass that instead? Code example below (just typed out as an example) - methods Insert and Insert2 demonstrate the two options. In one respect I think collapsing the model to an array makes it a little less coupled (which seems like a good thing) but on the other hand passing an associative array still feels somewhat error prone and possibly harder to understand for anyone editing the code in the future. So my question is, what would you advise is the best practice in this scenario? <?php class userTableGateway { /* * Insert option one : Just pass in array of data */ public function insert($data){ $sql_statement = "INSERT INTO userTable (name, email) VALUES ($data['name'], $data['email'])"; /*PDO prepare, execute etc...*/ } public funciton insert2(userModelInterface $model){ $sql_statement = "INSERT INTO userTable (name, email) VALUES ($model->getName(), $model->getEmail() )"; /*PDO prepare, execute etc...*/ } public function update(){ ...} public function delete(){...} } class userModelInterface { /* some interface for user model */ } class userModel{ private name; private email; /*lots more properties for user */ public function getName(){ return $this->name; } public function getEmail(){ return $this->email; } } Edited March 18, 2017 by Drongo_III Quote Link to comment Share on other sites More sharing options...
Strider64 Posted March 18, 2017 Share Posted March 18, 2017 Well, if you are GETTING then you can just easily SET the data. If you set the data then you can easily save the data. Doing it this way class userModel{ private name; private email; /*lots more properties for user */ public function getName(){ return $this->name; } public function getEmail(){ return $this->email; } } would be more secure in my opinion. Quote Link to comment Share on other sites More sharing options...
Drongo_III Posted March 18, 2017 Author Share Posted March 18, 2017 Well, if you are GETTING then you can just easily SET the data. If you set the data then you can easily save the data. Doing it this way class userModel{ private name; private email; /*lots more properties for user */ public function getName(){ return $this->name; } public function getEmail(){ return $this->email; } } would be more secure in my opinion. I might not have been very clear. I was specifically interested in whether its best to pass the model data as an array to the Table Data Gateway or whether its better to pass the model and user it's getters. I'm not sure I follow why the setters in the model (which were omitted for brevity) have a bearing on this. Maybe I'm missing something? Quote Link to comment Share on other sites More sharing options...
NigelRel3 Posted March 18, 2017 Share Posted March 18, 2017 If I were to do as you are trying to do, I would pass the object in rather than have to add another stage of fetching the data from the object to then pass into the table layer. One thing which you should certainly change is that you should use bind variables for your PDO statements! Do not just dump data directly into any SQL statement. Quote Link to comment Share on other sites More sharing options...
Drongo_III Posted March 18, 2017 Author Share Posted March 18, 2017 If I were to do as you are trying to do, I would pass the object in rather than have to add another stage of fetching the data from the object to then pass into the table layer. One thing which you should certainly change is that you should use bind variables for your PDO statements! Do not just dump data directly into any SQL statement. Thanks Nigel. The example was simplified but I'd definitely bind the variables. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.