CakePHP-生成不带撇号的SQL更新语句
[英]CakePHP - generating SQL update statement without apostrophes
问题描述
I'm trying to call updateAll function on Model and update text column but CakePHP doesn't add apostrophes to SQL command. 
我正在尝试在Model上调用updateAll函数并更新文本列,但CakePHP不会在SQL命令中添加撇号。
Is there any special setting to make it active? 有什么特殊设置可以激活它吗? Is it necessary to do sanitization manually? 是否需要手动进行消毒?
I'm using CakePHP 2.3 and MySQL 5.1 我正在使用CakePHP 2.3和MySQL 5.1
CakePHP CakePHP
$this->User->updateAll(
array('User.about_me' => $about),
array('User.id' => $id)
);
SQL command SQL命令
UPDATE `test`.`users` AS `User`
SET `User`.`about_me` = Nunc posuere risus sed elit ornare malesuada.
WHERE `User`.`id` = 8956954
1 个解决方案
解决方案1
0 已采纳 2014-02-12 07:51:03
Yes, this one is a little unexpected, but if you open cookbook and read about updateAll , it is clearly stated, that "Literal values should be quoted manually using DboSource::value() ". 是的,这有点出乎意料,但是如果您打开烹饪书并阅读有关updateAll ,则会清楚地指出,“应该使用DboSource::value()手动引用文字值”。 Or if you don't use user input, you can quote it yourself like: array('User.state' => "'active'") 或者,如果您不使用用户输入,则可以自己引用它,例如: array('User.state' => "'active'")
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.