[eluser]Ki[/eluser]
I have a question to CI community about site architecture with CI.
Suppose you have a site with many users and users can update their profiles. When they update a profile the users get an email confirmation.
As such, I have a model for updating user profiles and an MY_Email library to send the right email template.
Now, suppose a user logs into account and updates the profile. There are many ways to handle it. Which one is better from security perspective + site loading times.
When the user logs in, the database is queried for user data, and the updated fields are stored in the $_POST global array.
Is it a better practice to:
a) pass user id through $_POST, query database (again) on user id for user info, store it in $this->CI->data, then call on database model and email library that will take data from $this->CI->data (such as user email for email library) and then using this data will update profile
b) store all user data in hidden fields (such as user email because we will need to send them email conf) and then have email library send email base on $_POST data only
c) pass data to each method within the email library... bu this way we would have to pass every update field to the email library method if we want them to show up in the email sent to user.
Any thoughts?
Note that passing data to email library avoids an extra db query to get user email, however if we pass email to the email library we have to pass any and all other fields that we want to show up in the database. The other two methods are either saving all required info for email in the $_POST variable which also avoids extra db query or having the extra db query in the model to update database to retrieve user email for email library. Note that after all updates are done, we, again, need to query database to get the updated user information.
Kirill