So far I stopped at the first line, the constructor, where I can spot with what
I can read SQL injections "everywhere"
I hope there is proper validation there, 'cause as is, it sounds truly dangerous,
since you are not using bindParams or other PDO related techniques to avoid
About the rest I kinda agree with the proper model controller, rather than just
> To: email@example.com
> Date: Wed, 7 Oct 2009 17:34:35 +1100
> From: baum...@livejournal.dk
> Subject: [PHP] Insult my code!
> Hi there,
> I'm in the process of trying to wrap my head around MVC, and as part of
> that, I'm attempting to implement a super-tiny MVC framework.
> I've created some mockups of how the framework might be used based
> around a very simple 'bank', but I'm trying to get some feedback before
> I go and implement it, to make sure I'm actually on the right track.
> Any thoughts would be much appreciated!
> Model - http://www.pastebin.cz/23595
> Controller - http://www.pastebin.cz/23597
> View - http://www.pastebin.cz/23598
> Template - http://www.pastebin.cz/23599
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
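
Added example, not part of the original thread and not the code behind the pastebin links: a hypothetical bank account model whose constructor builds its query by string interpolation, beside the same lookup done with input validation and `bindParam`, which is the concern the reply raises. The class names, table layout and in-memory SQLite database (requires the pdo_sqlite extension) are assumptions made for illustration.

```php
<?php
// Hypothetical models for illustration; sample data is constructed.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE accounts (id INTEGER PRIMARY KEY, owner TEXT, balance INTEGER)');
$pdo->exec("INSERT INTO accounts (owner, balance) VALUES ('alice', 100), ('bob', 250)");

class UnsafeAccount
{
    public $rows;

    public function __construct(PDO $pdo, $id)
    {
        // The value is pasted into the SQL text, so it can change the query itself.
        $sql = "SELECT id, owner, balance FROM accounts WHERE id = $id";
        $this->rows = $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
    }
}

class Account
{
    public $rows;

    public function __construct(PDO $pdo, $id)
    {
        // Validate the type first: anything that is not an integer is refused.
        if (filter_var($id, FILTER_VALIDATE_INT) === false) {
            throw new InvalidArgumentException('account id must be an integer');
        }
        $id = (int) $id;

        // Bind the value: it is sent separately from the SQL text.
        $stmt = $pdo->prepare('SELECT id, owner, balance FROM accounts WHERE id = :id');
        $stmt->bindParam(':id', $id, PDO::PARAM_INT);
        $stmt->execute();
        $this->rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
    }
}

$input = '1 OR 1=1'; // constructed request value, meant to name one account

echo count((new UnsafeAccount($pdo, $input))->rows), " row(s) from the interpolated query\n";

try {
    new Account($pdo, $input);
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}

echo count((new Account($pdo, '2'))->rows), " row(s) from the bound query\n";
```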