Details
-
Improvement
-
Resolution: Incomplete
-
Major
-
None
-
3.1.2
-
None
-
1
Description
Of ALL possible positional placeholder delimiters to use in the PHP SDK, the ONE delimiter that must NOT be used is $. Literally ANY other placeholder (e.g. ~, ^, |, %, etc.) would be perfectly acceptable.
This is because the PHP language reserves $ to delimit a PHP variable. The choice of $ as a positional placeholder makes using the PHP SDK to construct queries a nightmare.
For example:
"SELECT * FROM $bucket WHERE type='user' AND first_name=$1"
|
The above query will fail miserably because $ is used as a positional parameter placeholder, but PHP will immediately misinterpret the entire SQL string, looking for the value of the variable $1, which of course doesn't exist!
So what? Just use only single quotes in every N1QL statement? Totally unacceptable. At a minimum, we need to inject the bucket name into every query we generate, and the bucket name is derived from a variable! Also, we're forced to do our own escaping for every variable, thereby fundamentally obviating the need for positional params in the first place!
For example, by switching the above statement to use single quotes, instead of a nice, concise statement, we're left with this hellish quagmire of string hackery, which now contains not one but THREE different types of escaping:
'SELECT * FROM ' . $bucket . ' WHERE type=\'user\' AND first_name=$1'; |
Constructing queries using the PHP SDK is currently a nightmarish, labor intensive, error-prone mess, due solely to the choice of $ as a positional placeholder.
I beg you to choose ANY other delimiter. Or at the very least, allow the user to override the default and configure the delimiter to be something other than $.
This remains the single biggest pain point of the entire PHP SDK.