MAR keeps the plumbing out of your way, I used to write PHP for MySQL
long-hand, and it is so easy to get a little mistake somewhere and
have the whole thing fall down. Plus, writing long-hand encourages you
to write the same code over and over, or to mix it into your HTML to a
large degree. It’s not maintainable. Compare and contrast:
require_once('config.inc.php');
$widgets = MyActiveRecord::FindAll('widgets');
with
require_once('config.inc.php'); //just to be fair, put all the login
stuff here
$link = mysql_connect($host,$user,$password);
if (!$link) {
die('Could not connect: ' . mysql_error());
}
$result = mysql_query('SELECT * FROM `widgets` WHERE 1 ORDER BY id
ASC');
if (!$result) {
die('Invalid query: ' . mysql_error());
}
$widgets = array();
while ($obj = mysql_fetch_object($result)){
$widgets[$obj->id] = $obj;
}
mysql_close($link);
That’s a lot of places where I have to type the same thing over and
over, and stand a very good chance of getting it wrong.
If I’m updating the database from a POST, the difference becomes even
more extreme:
if(isset($_POST['id'])){
if($widget = MyActiveRecord::FindById('widgets',$_POST['id']){
$widget->populate($_POST);
$widget->save();
header('Location: ' . $_SERVER['REQUEST_URI'];
exit;
}
}
To do the same in long-hand PHP, you would have to do all of the setup
from the previous example, then rip through the POST and sanitize all
of the variables (Google SQL Injection for a very scary look at how
easy it is to take down a database server), then build a query based
on your intimate knowledge of the data structure, with hard-coded
variable names, and then update the database. And each time your
database changes, you’d have to go through all of your code –
everywhere you touch the database – and make sure that you had the
correct set of variable names to match the columns. It’s so 1997. It’s
so easy to get wrong, and so hard to debug.
The ActiveRecord pattern uses the database itself as the foundation
for all the application code that touches it. Using a principle known
as “reflection”, it asks the database for a current list of columns,
then uses that to sanitize the inputs or to create the outputs. If I
change the database – at any point – the only code I have to update
is that which references a column value directly. So if I have a page
where I am showing the color of a widget, and I have $widget-
h(‘color’); in the HTML builder code, then if I change the database
to be British, I have only to change color to colour – right there,
where I’m using it. I don’t have to go through the rest of the
database access code and do the same there.
It’s a lot like setting out to build a skyscraper. If you have to keep
building the bottom 30 stories over and over each time you make a
change to the top 20, you’ll never get done.
Walter
On Mar 16, 2011, at 12:00 PM, jan smoot wrote:
Am still not clear on the advantages of MAR vs using mysql and
interfacing directly with the database. Is MAR more secure in someway?
freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options