Q1 - It's done that way so that the bindvars() action can sanitize the inputs and prevent SQL injection security problems.
Q2 - It's done that way so that the $define_list can be re-used in multiple places, and also to prevent nesting the stuff all in one line of code, which would be harder to read. The $column_list is populated only when one of the $define_list constants (set via admin switches) is set to a zon-zero value. This allows the storeowner to configure certain columns to be on or off, or displayed in a given order, without having to touch the code.


Reply With Quote
