I am developing my first YII website. I have a couple of doubts about YII database.
There are three methods to query database in yii.
- Database Access Objects
- Query Builder
- Active Record
- Out of these three methods which is the secure and most preferred method?
- If I have custom queries to perform which method should I prefer?
-
In case of Query Builder queries we explicitly choose table like
$user = Yii::app()->db->createCommand() ->select('id, username, profile') ->from('tbl_user') // explicitly choosing the table ->join('tbl_profile p', 'u.id=p.user_id') ->where('id=:id', array(':id'=>$id)) ->queryRow();
so where should I write query builder queries? Is there any advantage if I write them in corresponding table model?
If I use DAO or query builder what class should extend my model?
How to validate user inputs if I follow DAO method or query builder method?