Welcome Guest, Not a member yet? Register   Sign In
Gas Orm SQL Query


Sorry for late reply, did not notice this post since everyone ask about this ORM in this thread (that will notice me via email when someone post in that thread).

[quote author="richardhoppes" date="1333422874"]I have a query that is a little too complex to write using the query builder.

Is it possible to run a raw SQL query, and still have it A) protect against SQL injection and B) map properly to the Model?[/quote]

Generally, if you use CI query builder it automatically escaping your query string, but you also need to sanitize the input (by enable xss protection, etc) to ensure your data not vulnerable against other attack method.

You can map your query result into Gas record container, like :
public function search($keyword)
   $result = array();
   $query = $this->query("SELECT * FROM $this->table WHERE title LIKE '%$keyword%' LIMIT 10");

   foreach ($query->result_array() as $item)
      $result[] = new static($item);

   return $result;
Then from your controller you can use it :
$search = Model\Movie::make()->search('tron');
echo 'Total match movies :'.count($search);

foreach ($search as $movie)
   echo $movie->title . "\n";

Messages In This Thread
Gas Orm SQL Query - by El Forum - 04-02-2012, 08:14 PM
Gas Orm SQL Query - by El Forum - 04-07-2012, 08:07 AM

Theme © iAndrew 2016 - Forum software by © MyBB