Keeping all database access in one place to avoid having selects around the codebase.
> What about maintenance or admin queries which aren't tied to a specific user_id?
This is the web interface for users; all admin stuff is done elsewhere.
> What about SQL injection?
The selects are passed as parameterised queries, so the where clause would be 'title = %s AND folder = %s'.
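
An added example (not code from the post) of one select helper of the kind described above: every query is scoped to a user_id, values are bound as parameters, and column names are checked against an allowlist because identifiers cannot be bound. The `notes` table, the `select_notes` and `make_db` names and the sample rows are assumptions; Python's `sqlite3` uses `?` where the post's driver uses `%s`.

```python
import sqlite3

# Hypothetical filterable columns. Identifiers cannot be bound as parameters,
# so they are only ever interpolated after this allowlist check.
ALLOWED_COLUMNS = {"title", "folder"}


def make_db():
    """Build an in-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE notes (user_id INTEGER, title TEXT, folder TEXT)")
    db.executemany(
        "INSERT INTO notes VALUES (?, ?, ?)",
        [(1, "budget", "work"), (1, "recipes", "home"), (2, "budget", "work")],
    )
    return db


def select_notes(db, user_id, filters=None):
    """Single entry point for selects: always scoped to user_id, values always bound."""
    filters = filters or {}
    unknown = set(filters) - ALLOWED_COLUMNS
    if unknown:
        raise ValueError(f"unsupported filter column(s): {sorted(unknown)}")

    clauses = ["user_id = ?"]   # the caller cannot omit or override this
    params = [user_id]
    for column in sorted(filters):
        clauses.append(f"{column} = ?")   # e.g. 'folder = ? AND title = ?'
        params.append(filters[column])

    sql = (
        "SELECT title, folder FROM notes WHERE "
        + " AND ".join(clauses)
        + " ORDER BY title"
    )
    return db.execute(sql, params).fetchall()


if __name__ == "__main__":
    db = make_db()
    print(select_notes(db, 1, {"title": "budget", "folder": "work"}))
    # A quote-laden value is compared as a literal string, so nothing matches.
    print(select_notes(db, 1, {"title": "budget' OR '1'='1", "folder": "work"}))
```
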