2014-08-15, 04:00 PM
Since MyBB 2.0 would be coded from scratch, there are some coding techniques that can take place.
First, I would recommend that, whenever possible, double quotes shouldn't be used for writing simple strings; instead, single quotes will be used, as PHP doesn't parse variables there.
For DB optimizations, the result queries should be placed in a member variable inside the DB class. New queries will be placed in that variable. If the variable is filled although a new query takes place, mysqli_free_result should be used.
And if there is a while loop with fetch_array in its condition, then inside the function, if there are no more rows, the function will detect that and execute mysqli_free_result automatically.
This of course would lead us to a coding habit of using mysqli_num_fields before the while loop.
I thought about adding to a simple_select function a way to detect whether a variable that is passed to it is a number and use intval on it to sanitize it, and if it's a string, to use the normal sanitize function and add the quotes there.
Sorry for my bad English, hope you understood.
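
The type-detecting select helper proposed above, sketched as an added example that is not part of the original post and is not MyBB code: it picks a type per value as the post suggests, but hands values to mysqli as bound parameters instead of quoting them into the SQL string. The function names `build_simple_select` and `run_simple_select` and the `users`, `uid` and `username` names are assumptions made for illustration.

```php
<?php
// Added example, not MyBB code. Table and column names are constructed.

// Build a parameterised SELECT. Identifiers cannot be bound as parameters,
// so table and column names are checked against a strict pattern instead.
function build_simple_select(string $table, array $fields, array $where): array
{
    foreach (array_merge([$table], $fields, array_keys($where)) as $name) {
        if (!is_string($name) || !preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $name)) {
            throw new InvalidArgumentException('Invalid identifier');
        }
    }
    $types = '';
    $values = [];
    $conds = [];
    foreach ($where as $column => $value) {
        // Decide by PHP type, not by "looks numeric": intval('12abc') is 12,
        // which would silently change what the query matches.
        if (is_int($value)) {
            $types .= 'i';
        } elseif (is_float($value)) {
            $types .= 'd';
        } else {
            $types .= 's';
            $value = (string) $value;
        }
        $values[] = $value;
        $conds[] = "`$column` = ?";
    }
    $sql = 'SELECT `' . implode('`, `', $fields) . "` FROM `$table`";
    if ($conds) {
        $sql .= ' WHERE ' . implode(' AND ', $conds);
    }
    return [$sql, $types, $values];
}

// Run it with mysqli: the values travel separately from the SQL text.
function run_simple_select(mysqli $db, string $table, array $fields, array $where): array
{
    [$sql, $types, $values] = build_simple_select($table, $fields, $where);
    $stmt = $db->prepare($sql);
    if ($values) {
        $stmt->bind_param($types, ...$values);
    }
    $stmt->execute();
    $result = $stmt->get_result();
    $rows = $result->fetch_all(MYSQLI_ASSOC);
    $result->free(); // object form of mysqli_free_result()
    $stmt->close();
    return $rows;
}
// Constructed input: the quote-laden string is bound as data, never concatenated.
print_r(build_simple_select('users', ['uid', 'username'], ['uid' => 42, 'username' => "x' OR '1'='1"]));
```

`run_simple_select` needs a live mysqli connection and the mysqlnd driver for `get_result()`; `build_simple_select` runs on its own and prints the SQL text, the type string `is` and the two values.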