Drupal

Fixing update_sql() to accept parameters

A pretty simple yet cool feature of Drupal's db_query() function is that you can pass in parameters that will make it automatically adjust the query to correctly escape the arguments. This is one of the simple security features in Drupal as it will properly escape the string to avoid SQL injection attacks, and just simply safe you hassle. Good stuff!

Tags: 

Managing Drupal Views, the proper way

One of the most powerful and most useful modules on Drupal is Views. With one screen you can build custom pages & blocks based around your content, select the exact fields you need, add filters and arguments, and relatively easily customize the display, and that's just scratching the surface. In fact, Views is so flexible that I've built sites which have 90% of their architecture based solely around taxonomies and Views.

Tags: 

Pages

Subscribe to Drupal