如何在 where 子句中使用 Zend_Db_Table->update() 绑定变量
如果我想使用 Zend_Db_Table->update() 方法用数据更新我的表,我无论如何都找不到在“where”子句中使用绑定变量。
方法签名是:
int update($data, array|string $where)
通常您会像这样调用该方法:
$table = new Bugs();
$data = array(
'updated_on' => '2007-03-23',
'bug_status' => 'FIXED'
);
$where = $table->getAdapter()->quoteInto('bug_id = ?', 1234);
$table->update($data, $where);
quoteInto 只是转义变量,而不是绑定它。
需要有一种方法来使用绑定变量,否则 DBMS 将无法有效地缓存该查询。
我是否遗漏了什么,或者这是 Zend 的疏忽?
If I want to use the Zend_Db_Table->update() method to update my table with data, I cannot find anyway to use bind variables in the "where" clause.
The method signature is:
int update($data, array|string $where)
Usually you will call the method like this:
$table = new Bugs();
$data = array(
'updated_on' => '2007-03-23',
'bug_status' => 'FIXED'
);
$where = $table->getAdapter()->quoteInto('bug_id = ?', 1234);
$table->update($data, $where);
quoteInto is just going to escape the variable, not bind it.
There needs to be a way to use bind variables, otherwise a DBMS is not going to cache this query effectivly.
Am I missing something, or is this an oversight on Zend's part?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
您只是更新数据,RDBMS(我假设 MySQL)不会缓存 UPDATE 查询。如果您仍然想使用绑定变量(安全性?性能?),则必须使用准备好的语句:
但是除非您在批处理中拥有数百万个 UPDATE 查询,否则我认为您不应该为此烦恼。只需使用 $table->update($data, $where);
You are only updating data, RDBMS (I assume MySQL) doesn't cache UPDATE queries. If you still want to use bind variables (security? performance?), you will have to use prepared statements:
But unless you are having millions of UPDATE queries in a batch I don't think you should bother with this. Just use the $table->update($data, $where);