Query Construction Patterns in PHP

Abstract

Most PHP applications use databases, with developers including both static queries, given directly in the code, and dynamic queries, which are based on a mixture of static text, computed values, and user input. In this paper, we focus specifically on how developers create queries that are then used with the original MySQL API library. Based on a collection of open-source PHP applications, our initial results show that many of these queries are created according to a small collection of query construction patterns. We believe that identifying these patterns provides a solid base for program analysis, comprehension, and transformation tools that need to reason about database queries, including tools to support renovating existing PHP code to support safer, more modern database access APIs.

Publication
Proceedings of the 24th IEEE International Conference on Software Analysis, Evolution, and Reengineering (SANER 2017), ERA Track
David Anderson
David Anderson
Former Member PLSE Group
Mark Hills
Mark Hills
Associate Professor

My research interests include programming languages, program analysis, and software engineering.