I want to make sure of that -- I'm working on a routine that overrides the behavior of a lot of PDO's properties (specifically "exec", "query" and "prepare") -- and want to be sure that nothing can call the parent versions of those calls from the extended object. I don't THINK you can, my attempts to do so fail -- but I want to be 100% sure you can't do anything stupid like $db->parent::exec or override the class somehow. You can read more about the "why" here: http://techtalkin.com/Thread-Extending-PDO?pid=1341 I'm trying to lock down what my 'general use' database object is allowed to do, while at the same time extend the functionality in a useful manner. ... and in a really bizarre way copy how Paradox 4.5 for DOS worked twenty years ago -- named queries with support for multiple engines. Overriding those three methods so that you can only call queries by name limits what operations can be performed. I'm planning on adding a debug_backtrace check later on since 'module' specific calls will only be accessible from matching singletons with the same classname as the module name. Any thoughts on vulnerabilities or ways to bypass this attempt to override/prevent use of the parent class' methods?
Yeah the special parent is only accessible from the actual class only. You can block users from over riding your methods/objects be declaring them as final.