Can you use query builder to build a query with a

2019-03-02 10:10发布

站内文章 / PHP

13 0

问题:

So I know if I build a dynamic SQL string I can do something like the following

$SQL = "SELECT * FROM " . $table;

$first = 1;
foreach($items as $key => $val)
{
   if($first) $SQL .= " WHERE ";
       else $SQL .= " AND ";
   $SQL .= $key . " LIKE " . $VAL;
   $first = 0;
}

and then call DB::Query($SQL);

But this does not automatically protect the user input.

If I used the Query Builder in laravel the user input would automatically be cleaned but I do not know how I can use the Query builder to create a query with a dynamic number of where clauses at runtime. Is this possible?

回答1:

$query = $tableModel->newQuery();

foreach($items as $key => $val) {
    $query->where($key, "LIKE", '%'.$val.'%');
}

回答2:

foreach( $items as $key => $value )
{
    $query->where( $key, '=', $value );
}

Is something like that what you're after?

EDIT: Looks like Mark beat me to it.

标签： php security laravel

收藏的人(0)

Ta的文章更多文章

0条评论

还没有人评论过~

Can you use query builder to build a query with a

问题:

回答1:

回答2:

收藏的人(0)

举报内容

检举类型

检举原因

检举说明(必填)

打开微信“扫一扫”，打开网页后点击屏幕右上角分享按钮