In version 2.3 we introduced much better DAO (Data Access Object) classes. The new classes introduce an easier way to work with the database. Also, all* input is sanitized now, so you not need to worry about insecure input anymore. Yay!


The best way to work with the new DAO, is to create a new model (class) for your plugin, it’s a bit more work, but totally worth it: cleaner code, more secure, less spaguetti.

Create a class and extend DAO

You class you start with something like

class MyClass extends DAO {
}

No need to use getConnection() anymore

Since you’re going to use a class now, the constructor of the class will take care of the connection to the data base.

Define a few params on the constructor

Your class constructor should look something like this

function __construct() {
    parent::__construct();
    $this->setTableName('t_table') ;
    $this->setPrimaryKey('pk_i_id') ;  // Or whatever your primary key column is
    $this->setFields( array('pk_i_id', 'x_another_column', 'y_one_more_column') ) ;
}

Create methods as your wish

Create as much functions as you wish inside your class, to call then you only need to use this code:

MyClass::newInstance()->myMethod($params);

Do NOT reinvent the wheel

Since you’re extending DAO class, you have some functions ready to be used (if you declared wich table and fields has the table on the constructor). If you want to update a field on your table, you don’t need to create a new function for it, just call the update method:

MyClass::newInstance()->update($params, $conditions);

Same for findByPrimaryKey, listAll, insert, delete,… This class-thing start to be useful, isn’t it?

New DAO methods

Before, you have to deal with the database and your only tools where osc_dbExec, osc_dbFetchResult and osc_dbFetchResults. Now, you have all this methods, select, like, where, from, join, … and all* the methods sanitize the input, so no more worries about slashes or SQL injections. The only method that does not sanitize is the query one, which allows you to perform complex queries on the database (we suggest you to try to avoid it at any cost, but that will not be always possible).


Please, take a look at the current plugins, you will find them very useful.