Reputation: 2508
Is it more secure to use PDO class InDirectly?
I an new to object oriented PHP. In tutorials , the instructor not using the PDO class directly , instead using it via function, like this
class Database{
private $pdo;
private $stmt;
public function __construct(){$this->pdo = new PDO(blaa..blaa..);}
public function preparequery($query){$this->stmt=$this->pdo->prepare($query);}
public function bind($param,$value){$this->stmt->bindValue($param,$value);}
public function execute(){$this->stmt->execute();}
public function Fetch(){$this->stmt->fetchall();}
}
And then he call these public function for any database query like
$mysql = new Database;
$mysql->preparequery("INSERT INTO test(name,city) VALUES (:name,:city)");
$mysql->bind(':name',$_GET['name']);
$mysql->bind(':city',$_GET['city']);
$mysql->execute();
I understand it, but we can directly create a PDO object and interact with database, So i just want to ask , Does above method provide some benifits(like more security or something) Or just it is used for make it simple(although I don't find it simple).
Upvotes: 1
Views: 205
Answers (1)
Reputation: 7628
More secured is NOT the point, but more convenient.
Making use of the OOP (data modeling; methods, class, inheritance, etc.) concept as in seen in PDO helps ease and accelerate future edits as it makes one code dry.
It will help you structure effectively and write less.
Please note: OOP as mentioned above strictly refers to its concept; not the use of any given wrapper class.
PDO is PHP's approach to OOP.
Upvotes: 2
Related Questions
- Is extending classes good practice?
- Which one is safer to use in OOP?
- PHP PDO vs normal mysql_connect
- Is this bad technique for PDO?
- Which PDO bind approach should be used for greater security?
- Using classes much more effectively in PHP?
- pdo class vs pdostatment class - beginner
- PDO custom class and security
- Secury Benefits of PHP PDO vs mysql_*()
- PHP: Proper way of using a PDO database connection in a class