Disclaimer:. This information is valid from the original publication date of this response. ZF changes frequently, this information may become outdated from future releases, however it will remain unchanged for archival purposes.
If you pass the string to the fetchRow() method of the Zend_Db_Table_Abstract subclass (which you do), it will be considered as part of the where instance of Zend_Db_Table_Select .
In other words, internally, Zend_Db_Table does this:
if (!($where instanceof Zend_Db_Table_Select)) { $select = $this->select(); if ($where !== null) { $this->_where($select, $where); }
So...
a) $users->fetchRow('userID = ' . $userID);
Not quoted at all.
b) $users->fetchRow('userID = ' . $users->getAdapter()->quote($userID, 'INTEGER'));
Hand quoted as an integer.
c) $users->fetchRow('userID = ?', $userID);
Automatically quoted Zend_Db_Adapter_*::quoteInto()
d) $users->fetchRow('userID = ?', $users->getAdapter()->quote($userID, 'INTEGER'));
Actually double quotes, once to you and once using automatic quoting.
As for the βbest,β I would recommend option C. The structure will automatically call quoteInto on the parameterized value.
Keep in mind:. You can always pass an instance of Zend_Db_Table_Select or Zend_Db_Select to the fetchRow() method ...
Again, in a subclass of Zend_Db_Table_Abstract , it will look like this:
$this->fetchRow($this->select()->where('userID = ?', $userID));
The plus to this is that you can create much more complex queries, since you have control over much more than just a where clause of the SQL query. Theoretically, you can easily:
$select = $this->select()->where('userID = ?', $userID) ->join(array('sat' => 'superAwesomeTable'), array('sat.user_id = userID', array('superAwesomeColumn')); $this->fetchRow($select);
Note: If an instance of Zend_Db_Select passed, the fetchRow() method acts exactly like fetchAll() , except that it internally calls the limit() method of the select object with parameter 1 .