Reputation: 2339
what is the better way to query database in fuelphp?
I have list requiredment to choice query database
- Security
- Flexibility
- Fast
and this is query function database in fuelphp
My problem
When i'm using ORM Mapper I have problem with regards to the flexible point. I've read this and this which say ORM cannot select by field of table, ORM possible to fetch all column in the table and if join table will be much data is passed, but ORM is High Security and I don't now fast or not maybe some one can explain, but i think will be slow because ORM fetch all data, just my opinion.
When I'm using Direct Query i have problem in security because is possible to SQL Injection,but with Direct Query we can customize query database & I think speed will be increase than ORM.
When i'm Using Query Building i have problem when i want to join two table or more ,this function still not available in fuelphp, but with query Builder security is better than Direct Query & speed will be increase i think.
OK that is just my opinion, actually I want to be using ORM because I will prefer security more than other, that is very important I think.
My question
- What your suggestion for this problem ?
Upvotes: 2
Views: 3017
Answers (1)
Reputation: 26467
The ORM will typically be slightly slower by nature, yes. However, like you say it's flexibility is where the sacrifice on performance may come from. An ORM has it's uses and is beneficial for certain scenarios which are documented in far more detail all over the web, including on the link you put in your question so I'll leave a long description of the benefits and pitfalls out.
Direct queries can be susceptible to SQL injection but you're able to escape them and make them safe yourself. As a basic example (below), you could pass the following to the DB class. Direct queries are good in times where the ORM and Query builder are incapable of generating the SQL you need. However, using direct queries means that you wont necessarily be able to switch to a different DB engine (MySQL to Mongo for example), where you would with the ORM or Query builder. I personally stay away from direct queries for this reason.
$query = sprintf("SELECT * FROM table WHERE name = '%s'", DB::escape($yourstring));The query builder is good for completing queries that an ORM model is not capable of or where writing a model is overkill. There's a slight overhead from compiling the SQL from it but typically this is negligible. The query builder is capable of joining an unlimited number of tables. You just need to call the
join()andon()functions more than once. For exampleDB::select('*')->from('table')->join('table2', 'right')->on('table2.column', '=', 'table.column')->join('table3', 'right')->on('table3.column', '=', 'table.column')
You can also follow with as many calls to on() as you like.
Each option will be suited to different scenarios, as described above. So you'll find that picking the option most suitable when you need it will be your best option.
Upvotes: 5
Related Questions
- best way to query my database using laravel
- Caching only a relation data from FuelPHP ORM result
- Where to place a database query in model? (Symfony framework)
- Use of models in FuelPHP?
- Best practice for organising reusable DBAL queries in Symfony2?
- How do you work with a single ORM query result in FuelPHP?
- FuelPHP: Two questions - DB and Custom functions
- FuelPHP ORM and Query builder
- Can FuelPHP ORM handle this database design?
- ORM Solution for really complex queries