Gas Orm SQL Query |
[eluser]Unknown[/eluser]
I have a query that is a little too complex to write using the query builder. Is it possible to run a raw SQL query, and still have it A) protect against SQL injection and B) map properly to the Model? This is an example of what I'm trying to do: Code: <?php namespace Model; Thanks!
[eluser]toopay[/eluser]
@richardhoppes, Sorry for late reply, did not notice this post since everyone ask about this ORM in this thread (that will notice me via email when someone post in that thread). [quote author="richardhoppes" date="1333422874"]I have a query that is a little too complex to write using the query builder. Is it possible to run a raw SQL query, and still have it A) protect against SQL injection and B) map properly to the Model?[/quote] Generally, if you use CI query builder it automatically escaping your query string, but you also need to sanitize the input (by enable xss protection, etc) to ensure your data not vulnerable against other attack method. You can map your query result into Gas record container, like : Code: public function search($keyword) Code: $search = Model\Movie::make()->search('tron'); |
Welcome Guest, Not a member yet? Register Sign In |