I was perusing the source and noticed the version of adodb that openemr uses is fairly old. The new version of adodb helps prevent sql injection, includes AutoExecute and helps in escaping sql queries. I thought it was interesting that the sql.inc file uses adodb and then uses mysql_query calls directly. What would be the correct release to start adding the new adodb support? I have seen a couple of posts mentioning this and a few have already done the upgrade but have not found a definite answer when this could be merged into the OpenEmr release.
Actually I think database access should be abstracted by an object-oriented approach. For example there should be a class for patient, another for encounter, another for billing code, etc.
So actual database access should be in a relatively small number of modules and I don’t much care if they use ADODB or some other method. The important thing in my view is to get the object model right.