On 8/10/2009 1:20 AM, Andrea Giammarchi wrote:

So far I stopped at the first line, the constructor, where I can spot with what I can 
read SQL injections "everywhere"

I hope here is a proper validation there, 'cause as is, sounds truly dangerous, 
since you are not using bindParams or other PDO related techniques to avoid 
input problems.

About the rest I kinda agree with the proper model controller, rather than just 
a reader.


To: php-general@lists.php.net
Date: Wed, 7 Oct 2009 17:34:35 +1100
From: baum...@livejournal.dk
Subject: [PHP] Insult my code!

Hi there,

I'm in the process of trying to wrap my head around MVC, and as part of
that, I'm attempting to implement a super-tiny MVC framework.

I've created some mockups of how the framework might be used based
around a very simple 'bank', but I'm trying to get some feedback before
I go and implement it, to make sure I'm actually on the right track.

Any thoughts would be much appreciated!

Model - http://www.pastebin.cz/23595
Controller - http://www.pastebin.cz/23597
View - http://www.pastebin.cz/23598
Template - http://www.pastebin.cz/23599

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Windows Live: Friends get your Flickr, Yelp, and Digg updates when they e-mail 

The linked code was supposed to be more of a mockup than anything, with the functions a bit of filler to try and show what I'm trying to do.

With regard to the SQL injection, I try not to make the problems with my code quite so blatant. :-)

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to