CodeIgniter Forums
Direct Access to Model or to use Library? - Printable Version

+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20)
+--- Forum: Archived General Discussion (https://forum.codeigniter.com/forumdisplay.php?fid=21)
+--- Thread: Direct Access to Model or to use Library? (/showthread.php?tid=26474)

Direct Access to Model or to use Library? - El Forum - 01-14-2010

[eluser]bunal[/eluser]
Hi Igniters,

Mine is a bit logic/approach question.

Whats your prefered way, do you always create a library for using models or you access the model method directly from controller?

Direct Access to Model or to use Library? - El Forum - 01-14-2010

[eluser]bunal[/eluser]
For example:

Lets say we have a user update form where users update their phone, email etc etc.

When user clicks the update form controller would?

1.Would it be better to call the model method and update the date

or

2. Would it better to always create a method in library then call the model method from the the library?

What will be your choice?

Direct Access to Model or to use Library? - El Forum - 01-14-2010

[eluser]WebsiteDuck[/eluser]
You don't need to create a library specifically for calling model methods. Just call them from your controller, unless you need a library for other reasons.

Direct Access to Model or to use Library? - El Forum - 01-14-2010

[eluser]bunal[/eluser]
Thanks Wink

Another quick question.

For security do you prefer splitting model methods.

For example:

Code:
function update_user($username,$data){
  SQL(update user set d = $data where username = $username)
}

Code:
function update_mydetail($data){
  $username = $my_username_in_session
  SQL(update user set d = $data where username = $username)
}

And also do you prefer writing methods for admin and users seperate, or maybe also in different model files?

Direct Access to Model or to use Library? - El Forum - 01-14-2010

[eluser]WebsiteDuck[/eluser]
I wouldn't pull data from the session in the model, more because of coding style than security. You're probably going to use data from the session either way.

I don't think separating user/admin methods into different model files would make you any more secure, so that would be a personal preference. The security would depend on your controllers. If a user is able to spoof that they're an admin, it won't matter where the methods are.