Evan Prodromou wrote:
On Wed, 2004-01-12 at 13:24 +1100, Tim Starling
wrote:
I guess
I'm mainly worried that this huge change was made without
considering other options.
What huge change?
Replacing all the SQL strings in the code with function calls into a
much-expanded database object.
I discussed it on IRC, with Brion and anyone else who was around.
Replacing SQL strings with function calls was done for these reasons:
* Safer quoting, avoidance of SQL injection attacks
* Easier table prefix support
* Simpler interface with PHP data structures, like wfGetSQL() before it
* DB abstraction, specifically:
** Filtering or emulation of unsupported options to queries such as DELAYED
** Emulation of MySQL-specific queries such as REPLACE
** Table name quoting
If you want to be in on these decisions you should hang around on
#mediawiki more. Discussing things by email is tedious and slow.
-- Tim Starling