编程语言
首页 > 编程语言> > php-Active Record查询中的Codeigniter括号

php-Active Record查询中的Codeigniter括号

作者:互联网

我有这个ActiveRecord来产生查询,

$this->purchase_requisition_model
  ->where('deleted','1')
  ->likes('to',$sapfvalue,'both')
  ->likes('date',$sapfvalue,'both')
  ->likes('request_by',$sapfvalue,'both')
  ->likes('deliver_to',$sapfvalue,'both')
  ->likes('name',$sapfvalue,'both')
   ->likes('telephone',$sapfvalue,'both')
  ->likes('designation',$sapfvalue,'both')
  ->likes('budget_status',$sapfvalue,'both')
  ->find_all();

上面的ActiveRecord将产生以下查询,

SELECT  * FROM (`purchase_requisition`)
WHERE `deleted` =  '1'
AND  `to`  LIKE '%fg%'
OR  `date`  LIKE '%fg%'
OR  `request_by`  LIKE '%fg%'
OR  `deliver_to`  LIKE '%fg%'
OR  `name`  LIKE '%fg%'
OR  `telephone`  LIKE '%fg%'
OR  `designation`  LIKE '%fg%'
OR  `budget_status`  LIKE '%fg%'

但是如何使用ActiveRecord生成以下查询?

SELECT  * FROM (`purchase_requisition`)
WHERE `deleted` =  '1'
AND  (  `to`  LIKE '%fg%'
OR  `date`  LIKE '%fg%'
OR  `request_by`  LIKE '%fg%'
OR  `deliver_to`  LIKE '%fg%'
OR  `name`  LIKE '%fg%'
OR  `telephone`  LIKE '%fg%'
OR  `designation`  LIKE '%fg%'
OR  `budget_status`  LIKE '%fg%' )

解决方法:

正如@M Khalid Junaid所指出的那样,Codeigniter的活动记录库不支持分组的where子句.您可以通过使用“ where”来创建解决方法,同时防止Codeigniter自动转义查询:

$escaped_sapfvalue = $this->db->escape( $sapfvalue );
$this->purchase_requisition_model
->where('deleted','1')
->where("( `to` LIKE '%{$escaped_sapfvalue}%'", null, FALSE)
->where("OR `date` LIKE '%{$escaped_sapfvalue}%'", null, FALSE)
->where("OR `request_by` LIKE '%{$escaped_sapfvalue}%'", null, FALSE)
->where("OR `deliver_to` LIKE '%{$escaped_sapfvalue}%'", null, FALSE)
->where("OR `name` LIKE '%{$escaped_sapfvalue}%'", null, FALSE)
->where("OR `telephone` LIKE '%{$escaped_sapfvalue}%'", null, FALSE)
->where("OR `designation` LIKE '%{$escaped_sapfvalue}%'", null, FALSE)
->where("OR `budget_status` LIKE '%{$escaped_sapfvalue}%' )", null, FALSE)
->find_all();

请注意,而不是我如何手动对变量进行转义以防止SQL注入.还要注意第一个和最后一个“ LIKE”如何分别包含左括号和右括号.

尽管这可行,但它具有很多重复的代码.遍历数组会更优雅:

$escaped_sapfvalue = $this->db->escape( $sapfvalue );
$or_like = '';

foreach( $column_list as $column ) {
    // If it's not the first column, add 'OR'
    if ( strlen($or_like) > 0 ) {
        $or_like .= ' OR ';
    }
    // Concatenate manually escaped columns and rows
    $escaped_column = $this->db->escape( $column );
    $or_like .= "`{$escaped_column}` LIKE '%{$escaped_sapfvalue}%'";
}

// Add grouping parenthesis
$grouped_or_like = "( {$or_like} )";

// Build the query
$this->purchase_requisition_model
->where('deleted','1')
->where( $grouped_or_like, null, false )
->find_all();

编辑:虽然我还没有测试过,但我只是认为这也应该起作用:

$escaped_sapfvalue = $this->db->escape( $sapfvalue );
$this->purchase_requisition_model
->where('deleted','1')
->where("( `to` LIKE '%{$escaped_sapfvalue}%'", null, FALSE)
->or_like('date',$sapfvalue,'both')
->or_like('request_by',$sapfvalue,'both')
->or_like('deliver_to',$sapfvalue,'both')
->or_like('name',$sapfvalue,'both')
->or_like('telephone',$sapfvalue,'both')
->or_like('designation',$sapfvalue,'both')
->where("OR `budget_status` LIKE '%{$escaped_sapfvalue}%' )", null, FALSE)
->find_all();

选择最适合您的方法.

标签:activerecord,codeigniter,bonfire,mysql,php
来源: https://codeday.me/bug/20191121/2054214.html