The PDO quote() function leaves much to be desired. We're told to use mysql_real_escape_string(), but that requires a connection to the database to be passed to it for some strange reason. By adding escapeValue() to the Faster_Data class, we can mimic this behavior. The function would be:
* Escapes a value for use in a SQL statement.
*
* @param string The variable to encode.
* @return string The encoded variable ready for use in a SQL statement.
*/
public function escapeValue($s) {
if(!empty($s)) {
return str_replace(array('\\', "\0", "\n", "\r", "'", '"', "\x1a"), array('\\\\', '\\0', '\\n', '\\r', "\\'", '\\"', '\\Z'), $s);
}
return $s;
}
Even though Faster is to remain minimalist, this is such a commonly desired thing that it seems suitable to add it to the framework in the appropriate class, which would be the Faster_Data class.
The PDO quote() function leaves much to be desired. We're told to use mysql_real_escape_string(), but that requires a connection to the database to be passed to it for some strange reason. By adding escapeValue() to the Faster_Data class, we can mimic this behavior. The function would be:
Even though Faster is to remain minimalist, this is such a commonly desired thing that it seems suitable to add it to the framework in the appropriate class, which would be the Faster_Data class.