Posted by awebguynow on 01/18/06 20:59

In my efforts to design a good Database layer, I've used exceptions and
wanted to implement best practices for this project. Obviously an
uncaught exception creates a Fatal Error and stops execution.

Currently, I see the best scenario, as:
if there is an error in the DB layer, throw a DBexc which effectively,
logs all SQL and problem info. In the catch block, throw a general
error, with a more generic statement, and possibly include a logging ID
or # with it. ( avoids sending SQL statements to the screen )

Does this sound sensible, or the best way to do this ?
other options ?
is is common to use set_error_handler ?
What about recovery ? does execution have to terminate ?

I'm also interested in programming this system, with security in mind,
ie: avoid SQL injection.
I haven't researched it fully, but I have seen posts, reccommending
addslashes(), etc.

I'm using PEAR::DB, and looking forward to any responses.

[Back to original message]