Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
The drupal database layer api says about db_query
Do not use this function for INSERT, UPDATE, or DELETE queries. Those should be handled via db_insert(), db_update() and db_delete() respectively.
(source)
I think this is said for other database layers as well. Does anybody know why? Is it unsafe, inefficient, etc.?
It’s just convention as far as I know. Certainly there’s no technical problem with running an
INSERT/UPDATEthroughdb_query(); all it does is run a vanilla SQL query against the database so it will definitely work.I’d imagine the documentation is simply pointing out that there are dedicated functions for those operations, and that those should be preferred to running an SQL
INSERTetc. directly.‘Structured’ queries (i.e. those using
db_select(),db_insert(),db_update()anddb_merge()) will also get the added benefit of being run throughhook_query_alter()before they’re executed, meaning other parts of the system can alter them as required. You don’t get that same functionality when usingdb_query().