New features of thinkphp v3.1 Development framework: Query condition preprocessing

Source: Internet
Author: User
Keywords Development framework new features preprocessing thinkphp query conditions
Tags array arrays class development development framework framework secure security

The 3.0 version of an array of query conditions will be securely filtered (since 3.0 enforces the use of field type detection, so the query conditions for arrays are cast to the set type of the field), but the security filtering of string conditions is not supported. The 3.1 version adds preprocessing support for conditional strings, making ORM more secure.
First, use the Where method
The Where method of the model class supports string conditional preprocessing, using the method:

$Model->where ("id=%d&http://www.aliyun.com/zixun/aggregation/37954.html" >nbsp;and username= '%s ' and xx= '%f '), Array ($id, $username, $xx))->select ();

or direct use:

$Model->where ("id=%d and Username= '%s ' and xx= '%f '", $id, $username, $xx)->select ();

If the ID variable comes from a user commit or a URL address, if the passed-in type is non-numeric, it is forced to be formatted as a number format for the query operation.
String preprocessing format types support specifying numbers, strings, and so on, and can refer to the parameter descriptions of the vsprintf method.
Ii. using Query and Execute methods
In addition to the Where condition, the native SQL query method also supports preprocessing mechanisms, such as:

$Model->query ("select * from Think_user WHERE id=%d and username= '%s ' and xx= '%f '", Array ($id, $username, $xx));

The Execute method of the model also supports preprocessing mechanisms like the Query method.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.