php-Active Record查询中的Codeigniter括号
作者:互联网
我有这个ActiveRecord来产生查询,
$this->purchase_requisition_model
->where('deleted','1')
->likes('to',$sapfvalue,'both')
->likes('date',$sapfvalue,'both')
->likes('request_by',$sapfvalue,'both')
->likes('deliver_to',$sapfvalue,'both')
->likes('name',$sapfvalue,'both')
->likes('telephone',$sapfvalue,'both')
->likes('designation',$sapfvalue,'both')
->likes('budget_status',$sapfvalue,'both')
->find_all();
上面的ActiveRecord将产生以下查询,
SELECT * FROM (`purchase_requisition`)
WHERE `deleted` = '1'
AND `to` LIKE '%fg%'
OR `date` LIKE '%fg%'
OR `request_by` LIKE '%fg%'
OR `deliver_to` LIKE '%fg%'
OR `name` LIKE '%fg%'
OR `telephone` LIKE '%fg%'
OR `designation` LIKE '%fg%'
OR `budget_status` LIKE '%fg%'
但是如何使用ActiveRecord生成以下查询?
SELECT * FROM (`purchase_requisition`)
WHERE `deleted` = '1'
AND ( `to` LIKE '%fg%'
OR `date` LIKE '%fg%'
OR `request_by` LIKE '%fg%'
OR `deliver_to` LIKE '%fg%'
OR `name` LIKE '%fg%'
OR `telephone` LIKE '%fg%'
OR `designation` LIKE '%fg%'
OR `budget_status` LIKE '%fg%' )
解决方法:
正如@M Khalid Junaid所指出的那样,Codeigniter的活动记录库不支持分组的where子句.您可以通过使用“ where”来创建解决方法,同时防止Codeigniter自动转义查询:
$escaped_sapfvalue = $this->db->escape( $sapfvalue );
$this->purchase_requisition_model
->where('deleted','1')
->where("( `to` LIKE '%{$escaped_sapfvalue}%'", null, FALSE)
->where("OR `date` LIKE '%{$escaped_sapfvalue}%'", null, FALSE)
->where("OR `request_by` LIKE '%{$escaped_sapfvalue}%'", null, FALSE)
->where("OR `deliver_to` LIKE '%{$escaped_sapfvalue}%'", null, FALSE)
->where("OR `name` LIKE '%{$escaped_sapfvalue}%'", null, FALSE)
->where("OR `telephone` LIKE '%{$escaped_sapfvalue}%'", null, FALSE)
->where("OR `designation` LIKE '%{$escaped_sapfvalue}%'", null, FALSE)
->where("OR `budget_status` LIKE '%{$escaped_sapfvalue}%' )", null, FALSE)
->find_all();
请注意,而不是我如何手动对变量进行转义以防止SQL注入.还要注意第一个和最后一个“ LIKE”如何分别包含左括号和右括号.
尽管这可行,但它具有很多重复的代码.遍历数组会更优雅:
$escaped_sapfvalue = $this->db->escape( $sapfvalue );
$or_like = '';
foreach( $column_list as $column ) {
// If it's not the first column, add 'OR'
if ( strlen($or_like) > 0 ) {
$or_like .= ' OR ';
}
// Concatenate manually escaped columns and rows
$escaped_column = $this->db->escape( $column );
$or_like .= "`{$escaped_column}` LIKE '%{$escaped_sapfvalue}%'";
}
// Add grouping parenthesis
$grouped_or_like = "( {$or_like} )";
// Build the query
$this->purchase_requisition_model
->where('deleted','1')
->where( $grouped_or_like, null, false )
->find_all();
编辑:虽然我还没有测试过,但我只是认为这也应该起作用:
$escaped_sapfvalue = $this->db->escape( $sapfvalue );
$this->purchase_requisition_model
->where('deleted','1')
->where("( `to` LIKE '%{$escaped_sapfvalue}%'", null, FALSE)
->or_like('date',$sapfvalue,'both')
->or_like('request_by',$sapfvalue,'both')
->or_like('deliver_to',$sapfvalue,'both')
->or_like('name',$sapfvalue,'both')
->or_like('telephone',$sapfvalue,'both')
->or_like('designation',$sapfvalue,'both')
->where("OR `budget_status` LIKE '%{$escaped_sapfvalue}%' )", null, FALSE)
->find_all();
选择最适合您的方法.
标签:activerecord,codeigniter,bonfire,mysql,php 来源: https://codeday.me/bug/20191121/2054214.html