You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Now that the database API consistently uses (and requires) prepared statement support, this package should support that as well. To do a lookup by anything that's not a PK still requires manual quoting of all values.
// Current behavior$data = (newMyModel)->where('name = ' . $db->quote($name))->get();
// Preferred behavior$data = (newMyModel)->where('name', '=', $name);
// With this method prototype in the Query classpublicfunctionwhere(string$column, $value, string$operator = '=', string$glue = 'AND')
{
$paramName = ':' . $column;
$this->query->where($column . ' ' . $operator . ' ' . $paramName, $glue);
// TODO - Support defining the parameter type too, or at least detecting based on the $value param type?$this->query->bind($paramName, $value);
return$this;
}
The text was updated successfully, but these errors were encountered:
Now that the database API consistently uses (and requires) prepared statement support, this package should support that as well. To do a lookup by anything that's not a PK still requires manual quoting of all values.
The text was updated successfully, but these errors were encountered: