12-12-2016, 04:18 PM
Yep. You're correct. That's one of the weird things about using the singleton method of db connection. If you establish a new connection to the db (name/pw/etc) every time you make a query/page, bad programming can cause you to make too many connections to the db. The way we call db::getInstance in the header, you will always have a single connection, no more, no less.
So that means that your previous query is still in memory if there is one, and if it fails, it may deliver results from that query.
Either way, as best practice (using our method, mysqli, or just PDO in general), you want to properly bind your variables in an array to make absolutely SURE that the db is only searching that particular column for your info (and that someone isn't using a form to get up to mischief in your database). Note that if you are not getting outside information (i.e. variables), you can just pass the info in as normal: "SELECT * FROM users where id=1" works as you would expect.
I need to update the documentation. Especially the db documentation. I wrote that stuff when I barely understood the classes myself.
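An added example, not part of the post above and not the project's own db class: it uses plain PDO with an in-memory SQLite database to show a concatenated query next to one with the variable bound in an array, and a failed query being handled explicitly. The table, function names and sample input are assumptions made for the illustration.

```php
<?php
// Added example: plain PDO with in-memory SQLite as a stand-in for the real db.
$pdo = new PDO('sqlite::memory:');
// Exception mode: a failed query throws instead of failing silently.
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT)');
$pdo->exec("INSERT INTO users (username) VALUES ('alice'), ('bob')");

// Constructed form input: a value that is not a plain username.
$input = "nobody' OR '1'='1";

// Unsafe (hypothetical helper): the input becomes part of the SQL text itself.
function findConcatenated(PDO $pdo, string $name): array
{
    $sql = "SELECT id, username FROM users WHERE username = '" . $name . "'";
    return $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Safe (hypothetical helper): the input is bound from an array and is only
// ever compared against the username column as a value.
function findBound(PDO $pdo, string $name): array
{
    $stmt = $pdo->prepare('SELECT id, username FROM users WHERE username = ?');
    $stmt->execute([$name]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

printf("concatenated: %d row(s)\n", count(findConcatenated($pdo, $input)));
printf("bound:        %d row(s)\n", count(findBound($pdo, $input)));
printf("bound, alice: %d row(s)\n", count(findBound($pdo, 'alice')));

// A failing query throws here, so the caller cannot mistake an earlier
// result set for the answer to this one.
try {
    $stmt = $pdo->prepare('SELECT id FROM no_such_table WHERE id = ?');
    $stmt->execute([1]);
} catch (PDOException $e) {
    echo "query failed and was handled explicitly\n";
}
```

With a shared connection, checking for failure before reading results matters as much as the binding itself.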