跟php一样查询?
I was an extremely amauter php developer before I decided to jump on the rails train. Now, I can say that I am a pretty good rails developer, and have come to love many of the features it offers. Mainly, I LOVE how easy it is to query in rails. For example:
@records = Model.where('column_name = ? and column_name = ?', params[:something], params[:something2])
This is easy to to do, and it even handles SQL injection. As much as I love rails, I am developing an app using PHP right now. I am at the point where I need to start putting a database together and begin querying it. So my question is, are there php libraries that work similar to rails queries? In other words, help with sql injection, ease of use, etc.? Any and all input would be appreciated.
在我决定跳上铁路列车之前,我是一个非常漂亮的php开发人员。 现在,我可以说我是一个非常好的rails开发人员,并且已经开始喜欢它提供的许多功能。 主要是,我喜欢在rails中查询是多么容易。 例如: p>
@records = Model.where('column_name =?and column_name =?',params [:something],params [:something2])
代码> pre>
这很容易做到,它甚至可以处理SQL注入。 尽管我喜欢rails,但我现在正在开发一个使用PHP的应用程序。 我正处于需要开始将数据库放在一起并开始查询的地步。 所以我的问题是,是否有类似于rails查询的php库? 换句话说,帮助sql注入,易用性等? 任何和所有输入将不胜感激。 p>
div>
PHP provides a library called PDO, built into the language, which does exactly what you're asking: http://php.net/manual/en/book.pdo.php
What you're asking about, by the way, is called "parameterised queries".
In fact, even the MySQLi library can do it.
The one PHP library that can't do it is the old MySQL library (ie functions like mysql_query() etc). This library is considered obsolete and is no longer maintained. If you're still using it (which I guess you probably are if you don't know about PDO or MySQLi), then the PHP manual recommends switching to one of the other two libraries.
You can use ActiveRecord with PHP: http://www.phpactiverecord.org/
and there are lots of other ORM alternatives that try to ease the pain a little. Have a Google and try a few out to see whether one suits you more than another.