php codeigniter $this->db->where(); custom string problem

Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, but you must attribute it to the original authors (not me): StackOverFlow. Original question: http://stackoverflow.com/questions/7547731/

Time: 2020-08-26 02:55:45  Source: igfitidea

php codeigniter

Asked by LiveEn

I'm trying to select some values using a custom string. Below is my code:

  $this->db->from('posted');
  $st="infor='rent' AND (typeq='in' OR typeq='out')";
  $this->db->where($st);  
  $q = $this->db->get();  

A Database Error Occurred

Error Number: 1054

Unknown column 'infor='rent'' in 'where clause'
SELECT * FROM (`posted_ads`) WHERE `infor='rent'` AND (typeq='in'
 OR typeq='out')
Filename: C:\wamp\www\parklot\system\database\DB_driver.php
Line Number: 330

I think the problem is because of

WHERE `infor='rent'` 

When I manually execute this code it works perfectly.

WHERE infor='rent' 

How do I get rid of

`` 

because it's automatically added

Answered by Kemal Fadillah

Add a third parameter to the where() and set it to FALSE

  $this->db->from('posted');
  $st="infor='rent' AND (typeq='in' OR typeq='out')";
  $this->db->where($st, NULL, FALSE);  
  $q = $this->db->get();

$this->db->where() accepts an optional third parameter. If you set it to FALSE, CodeIgniter will not try to protect your field or table names with backticks.

CodeIgniter Documentation

Answered by Michael

While the solution works I want to add: Be careful! You need to secure your query and escape all values! If you like to use the Query Builder:

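$q = $this->db->select('*')->from('posted_ads')
    ->where('infor', 'rent')
    // Group the typeq alternatives and join the group with AND, giving:
    // WHERE infor = 'rent' AND (typeq = 'in' OR typeq = 'out')
    ->group_start()
        ->where('typeq', 'in')
        ->or_where('typeq', 'out')
    ->group_end()
    ->get();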

This way Codeigniter takes care of proper escaping.
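
When the values in the condition come from variables instead of literals, the two approaches from the answers can be written as follows. This is an added example, not code from the original answers; it assumes CodeIgniter 3 with the database library loaded, and `Posted_model`, `find_ads()` and `find_ads_custom_string()` are hypothetical names.

```php
<?php
// Added example (not from the original answers). Assumes CodeIgniter 3 with the
// database library loaded; Posted_model and its method names are hypothetical.
class Posted_model extends CI_Model
{
    // Allowlist for typeq, taken from the values used in the question.
    private $allowed_types = array('in', 'out');

    public function find_ads($infor, array $types)
    {
        // Drop anything outside the allowlist before it reaches the query.
        $types = array_values(array_intersect($types, $this->allowed_types));
        if (empty($types)) {
            return array();
        }

        // Preferred: values go through the Query Builder, which escapes them.
        // WHERE `infor` = '...' AND ( `typeq` IN ('in', 'out') )
        return $this->db->from('posted_ads')
            ->where('infor', $infor)
            ->group_start()
                ->where_in('typeq', $types)
            ->group_end()
            ->get()
            ->result_array();
    }

    public function find_ads_custom_string($infor, array $types)
    {
        $types = array_values(array_intersect($types, $this->allowed_types));
        if (empty($types)) {
            return array();
        }

        // With the third parameter FALSE nothing is escaped for you, so every
        // value must pass through escape() before it is placed in the string.
        $quoted = implode(', ', array_map(array($this->db, 'escape'), $types));
        $st = 'infor = ' . $this->db->escape($infor) . " AND (typeq IN ($quoted))";

        return $this->db->from('posted_ads')
            ->where($st, NULL, FALSE)
            ->get()
            ->result_array();
    }
}
```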