I study Yii, here in the controller there is such a terrible thing:

$query_for_author = "delete from `author` where `id` = :author"; $command = Yii::app()->db->createCommand($query_for_author); $command->execute(array('author' => $author_for_delete['author_id']));

Or here:

 Topic::model()->findBySql('SELECT * FROM topic WHERE title=:param', array(':param' => $find_topic));

As far as I know, this should not be in it, such as a request, etc. Received the data - send it all. How do you, comrades developers, to this concern? Or does this happen to you too?

  • @Fikret, all right. Queries (ideally) should not be even in the model - it asks the database to get certain data, but how this happens, they all don't care (MVC), let the query builder / dbal understand. With proper use of such pieces, you can transfer the project to a new database engine in half an hour and grin victoriously. - etki
  • "Everything is right" = "right that this should not be", of course. - etki

2 answers 2

What you wrote belongs to the simplest samples, it is better to do this using ORM tools:

 Author::model()->deleteByPk($author_id);

According to the second

 Topic::model->findAllByAttributes(array('topic' => 'value'));

    : author - this part means that a variable will be placed in this place. There are many such parameters in the request. For example:

     "delete from `author` where `id` = :author" AND `name` = :name;

    Then, when executing the request, we pass the values ​​of these parameters:

     $command->execute(array('author' => $author_var, 'name'=>$name_var));
    • no, well, it is clear from the PDO =) - Fikret