PHP – DRY with Dynamic SQL vs. Prepared Statements

dryMySQLPHP

When dealing with data, one finds that, essentially, the same code is repeated in various incarnations:

-- MySQL:
CREATE TABLE users (
    id int NOT NULL auto_increment PRIMARY KEY,
    name varchar(255) NOT NULL,
    email varchar(255) NOT NULL,
    UNIQUE KEY akUser (email)
)

// PHP
class User extends DBModel {
    protected $id;
    protected $name;
    protected $email;

    function __construct() {
        $this->queries = array(
            'getById' => 'SELECT id, name, email FROM users WHERE id = :id',
            'addUser' => 'INSERT INTO users (name, email) VALUES (:name, :email)',
            'updateUser' => 'UPDATE users SET name = :name, email = :email WHERE id = :id',
        );
    }

    public function loadById($id) {
        $stmt = $this->getPreparedStatement('getById');
        $stmt->bindValue(':id', $id);
        $stmt->execute();
        $stmt->setFetchMode(PDO::FETCH_INTO, $this);
        return $stmt->fetch();
    }
    public function save() {
        if ($this->id === NULL) {
            $this->add();
        }
        else {
            $this->update();
        }
    }
    public function add() {
        $stmt = $this->getPreparedStatement('addUser');
        $stmt->bindValue(':name', $this->name);
        $stmt->bindValue(':email', $this->email);
        $stmt->execute();
    }
    public function update() {
        $stmt = $this->getPreparedStatement('updateUser');
        $stmt->bindValue(':name', $this->name);
        $stmt->bindValue(':email', $this->email);
        $stmt->bindValue(':id', $this-id);
        $stmt->execute();
    }
}

If you notice, the fields 'name' and 'email' each occur 7 times throughout PHP and MySQL. While this is not much of a problem with this small example, with large tables, and a large number of tables, this gets out of hand fairly quickly.

As a quick side-note: with PHP running as a web service, the application lifetime is very short. Many of the queries that get executed — adding a user, for instance — would get executed only once in the application lifetime, so prepared statements really don't offer much of an advantage. Even with connection sharing, the individual instances don't have access to the previously prepared statement (unless I'm missing something), so it would re-prepare the statement anyway.

With some basic database-level reflection (the results of which are either cached, or automatically generated before deployment), SQL statements can be created automatically, eliminating the need to code the basic SELECT/INSERT/UPDATE/DELETE statements individually – cutting down on code considerably.

-- (table create statement, of course, stays the same)

class User {
    protected $id;
    protected $name;
    protected $email;

    public function getById($id) {
        return MyDb::getById('Users', $id, $this);
    }
    public function save() {
        return MyDb::save('Users', $this);
    }
}

My question: is the duplication of code worth the few CPU cycles and more complex code & maintenance needs?

Best Answer

Essentially you're asking whether code cleanliness is more important than performance; well, that can vary depending on the situation. Without really knowing more about the exact situation, I would say:

Performance is unlikely to be noticably worse with an ORM solution in this case. Unless CPU usage is a known bottleneck on your web server, your code is most likely spending orders of magnitude more time waiting for the DB to respond than it is preparing the SQL statement. When it comes to performance questions though, a good idea is to measure (the answer is often not what seems the most obvious).
I am a firm believer in ORM solutions. They go a long way to standardise how you access the DB, allow the rest of the system to be less DB oriented, take away the ability to make simple mistakes, and keep repetitions to a minimum. There are some (complex) cases where you will have to jump through hoops to make the ORM perform acceptably well, but querying a single table is not it (and in these cases, you can usually hand-code whatever you need). I don't know many people who have tried it and have gone back to not using them.

Related Solutions

PHP – Dynamic Class Inheritance Techniques

It looks like you are having a design issue here: Tables should not extend the Database Abstraction Layer. Instead the DAL should be injected into the table as a dependency.

abstract class Table {
    protected $dal;

    public function __construct(DAL $dal) {
        $this->dal = $dal;
    }

    // whatever else all tables have in common
}

class Table_User extends Table {
    public function someMethod() {
        $this->dal->someOtherMethod();
    }
}

$table = new MyTable($dal);
$table->someMethod();

That way you will create a DAL at some upper scope and pass it down. This will also allow you to use multiple different database engines at the same time.

Additionally you obviously should not create your tables directly in your controller but let a specialized class do that. For example you could use a factory:

class TableFactory {
    protected $dal;

    public function __construct(DAL $dal) {
        $this->dal = $dal;
    }

    public function createTable($name) {
        $className = 'Table_' . $name;
        return new $className($this->dal);
    }
}

That way you can create a table factory at some point with an injected DAL and pass that table factory around.

$table = $factory->createTable('User');

Algorithms – How to Create a Search Algorithm for a CRM

You may want to have a look at Lucene. It's written in Java but you can use it from PHP through either its Zend port or Solr, although I think Solr might not be a solution since you probably want something embedded within your CMS.

The idea is that you can build an index from all the searchable data and then search that index. It has the advantage that it can be much faster than database queries. You can also implement a scoring system, so that some records show up higher in the results list if they are more relevant to the user. One possible downside is that you have to update the index each time the data is updated.

If the Lucene approach doesn't fit your scenario, you could go with a mix of PHP and database code. A view or a stored procedure could act as a surrogate index, aggregating the searchable data. You'd need to split strings by whitespaces and this could make it rather slow, but will get you there. The PHP code will be responsible for building the WHERE clause (you can have a look at how Solr implements query strategies for suggestions as source of inspiration). Assuming you have Id, Name and Score as index fields and two contact records with Id=1, FirstName="Ric", LastName="Flair" and Id=2, FirstName="Ric", LastName="Flare" the index records would be looking something like this:

+--------------+-------+
| Id | Name    | Score |
+----+---------+-------+
| 1  | Ric     |   1   |
+----+---------+-------+
| 1  | Flair   |   1   |
+----+---------+-------+
| 2  | Ric     |   1   |
+----+---------+-------+
| 2  | Flare   |   1   |
+----+---------+-------+

An example could look like this (SQL Server):

DECLARE @index TABLE (
    Id INT NOT NULL,
    Name NVARCHAR(50) NOT NULL,
    Score INT NOT NULL
)

INSERT INTO @index (Id, Name, Score) VALUES (1, 'Ric', 1)
INSERT INTO @index (Id, Name, Score) VALUES (1, 'Flair', 1)
INSERT INTO @index (Id, Name, Score) VALUES (2, 'Ric', 1)
INSERT INTO @index (Id, Name, Score) VALUES (2, 'Flare', 1)

SELECT
    Id,
    SUM(Score) AS Score
FROM
    @index
WHERE
    Name = 'Ric'
    OR Name = 'Flair'
GROUP BY
    Id
ORDER BY
    Score DESC

Ric Flair would have a higher score since it matches on both values, thus popping first in the search results.

The index could also contain title and summary fields to be used as values to be displayed in the search results page. Or you could join the results with a view that preselects those values.

You can toy around with the conditions in the WHERE clause or with the Score field (you could give different scores to different type of records or properties) to get a more refined search experience.

Best Answer

Related Solutions

PHP – Dynamic Class Inheritance Techniques

Algorithms – How to Create a Search Algorithm for a CRM

Related Topic