
CodeIgniter From Scratch Day 2
Jeffrey Way has posted his second video screencast about the CodeIgniter framework on Nettuts today. In this second screencast JW covers the topic of Models. Jeffrey explains the purpose of using models, walks you through creating your first model and function, as well as using it to retrieve records that are stored in a database. JW also demonstrated how easy it is to generate SQL queries using the Active Record class provided with CodeIgniter.
Query Bindings
JW did a great job explaining the use of models to perform database interaction via CodeIgniter. I also learned about something new from this screencast. Granted, this new tidbit of information wasn't anything extremely fascinating or very useful to me, but still, it's something new. This new thing was the creation of query bindings. Query bindings are basically a way of creating prepared SQL statements and easily inserting user-provided data into these statements. The user-provided data is automatically escaped before being used, therefore the possibility of SQL injection is eliminated for you.
Example:
$sql = "SELECT * FROM my_table WHERE id = ?";
$q = $this->db->query($sql, 3);
This code executes the SQL command constructed in the $sql variable, substituting the value of the second parameter of the query function for the '?'. So in this example, the SQL command that is executed would be:
SELECT * FROM my_table WHERE id = 3;
This can also be used with multiple parameters simply by making the second parameter in the query function an array.
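The multiple-parameter form described above, shown next to the string-concatenation pattern it replaces. This is an added example, not code from the screencast or from CodeIgniter itself; it assumes CodeIgniter 2.x/3.x with the database library loaded, and Site_model, the author and status columns, and the method names are hypothetical.

```php
<?php
// Added example (not from the screencast). Assumes CodeIgniter 2.x/3.x with
// the database library loaded; Site_model, author and status are hypothetical.
class Site_model extends CI_Model
{
    // Before: values concatenated into the SQL text. A quote character in
    // $author becomes part of the statement and can change its structure.
    public function get_by_author_unsafe($author, $status)
    {
        $sql = "SELECT * FROM my_table WHERE author = '" . $author
             . "' AND status = " . $status;
        return $this->db->query($sql)->result();
    }

    // After: one ? per value, values passed as an array in the same order.
    // No quotes around ?: strings are escaped and quoted by the database class.
    public function get_by_author($author, $status)
    {
        // Bindings escape values; they do not check types, so validate
        // anything that is supposed to be numeric before it reaches the query.
        if (!ctype_digit((string) $status)) {
            return array();
        }

        $sql = "SELECT * FROM my_table WHERE author = ? AND status = ?";
        $q = $this->db->query($sql, array($author, (int) $status));

        // last_query() returns the SQL as it was sent; useful while testing
        // to confirm how each bound value was escaped.
        log_message('debug', $this->db->last_query());

        return $q->num_rows() > 0 ? $q->result() : array();
    }
}
```

Bindings cover values only: a table or column name passed through ? is quoted as a string literal, so identifiers that vary at runtime need to be checked against a fixed list instead.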
Looking forward to CodeIgniter from Scratch: Day 3. Keep up the good work, JW.
If you missed day 1, go back and check it out here.










Written by dferg
Topics: CodeIgniter