Welcome Guest, Not a member yet? Register   Sign In
convert value from routes/uri to string
#7

(04-14-2019, 07:01 AM)dave friend Wrote: Did you do this?
It is likely what Wouter60 was implying.

PHP Code:
public function user($key$value)
{
 
   $sql "SELECT * FROM users WHERE $key = ?";
 
   $query $this->db->query($sql, array($value));
 
   return $query->row();


The double quotes to define the query string are required.

Use of query binding is highly desirable for the security it provides.

I know and I have tried it and failed if I use the method above. the error is only caused because the value of value is not string type. if I use a basic query I am not happy to see $value flanked by single quotes, if I use an automatic query builder consider the value of $value to be a string but the disadvantage (in my opinion) if using this method is less flexibility.

if you are willing to help me to change it to a query builder I am very happy.
PHP Code:
   public function user_campaign($key$value)
 
   {
 
       return $this->db->query("
            SELECT *
            FROM (
                SELECT *
                FROM users
                WHERE 
$key = $value
            ) users_campaigns
            INNER JOIN campaigns
            ON users_campaigns.id = campaigns.id
        "
)->row();
 
   
Reply


Messages In This Thread
convert value from routes/uri to string - by DELE - 04-13-2019, 01:42 AM
RE: convert value from routes/uri to string - by DELE - 04-15-2019, 06:26 PM



Theme © iAndrew 2016 - Forum software by © MyBB