問題描述

如何在 Laravel 4 中轉義傳遞給原始查詢的參數?我期待像 DB::escape()(它從 Laravel 3 中敲響鐘聲)并且還嘗試了 DB::quote()(我認為可以通過PDO 對象)

How does one go about escaping parameters passed to a raw query in Laravel 4? I expected something like DB::escape() (which rings a bell from Laravel 3) and also attempted DB::quote() (which I thought could be available through the PDO object)

$query = DB::select("SELECT * FROM users WHERE users.id = " . DB::escape($userId));

我們不能使用帶有占位符的 select 方法，因為上面只是我們試圖實現的一個簡化示例.我們有一個大型自定義查詢，其中包含一些無法實現的嵌套選擇查詢適應查詢構建器.

We can't use the select method with placeholders as the above is just a simplified example of what we are trying to achieve. We have a large custom query with a few nested select queries that cannot be adapted to the query builder.

在插入 Laravel 4 之前轉義某些內容的最佳方法是什么?

What is the best approach to escaping something prior to inserting in Laravel 4?

我剛剛發現您可以通過這種方式訪問?? PDO 對象并在其上使用引用函數.這仍然是最好的方法，還是有更簡單的方法來訪問這個功能?

I've just discovered that you can access the PDO object and use the quote function on it this way. Is this still the best approach, or is there an easier way to access this function?

DB::connection()->getPdo()->quote("string to quote");

推薦答案

您可以通過 DB 外觀以這種方式引用您的字符串.

You can quote your strings this way, through the DB facade.

DB::connection()->getPdo()->quote("string to quote");

當我發現它時，我確實把這個答案放在了我的問題中，但是我現在把它作為一個實際的答案，以便其他人更容易找到.

I did put this answer in my question when I discovered it, however I've now put it in as an actual answer to make it easier for others to find.

這篇關于在 Laravel 4 中轉義原始 SQL 查詢的文章就介紹到這了，希望我們推薦的答案對大家有所幫助，也希望大家多多支持html5模板網！