07-27-2023, 12:31 AM
I'd like to know how to bind values in where clause. I have understood that is something that MUST be done for security reasons.
$db = JFactory::getDbo();
$query = $db->getQuery(true);
$query
->select("*")
->from($db->quoteName("food"))
->where("taste = :taste")
->bind(':taste', 'sweet');
$db->setQuery($query);
$rows = $db->loadAssocList();
I'm getting this error:
> You have an error in your SQL syntax; check the manual that
> corresponds to your MySQL server version for the right syntax to use
> near ':taste' at line 3 SQL=SELECT * FROM `food` WHERE taste = :taste
My code is based on [this post][1]. It said that in Joomla 3.1 only "*PDO/Sqlite and PDO/Oracle are supporting prepared statements*", I am using Joomla 3.2.1 and MySQL, and in my Joomla configuration MySQLi. Could be that the problem?
I am quite confused because I dont know what API / Class have to follow.
- [JDatabase for Joomla 3.x][2] **there is no bind method**, and the information is scant, seems like is not completed.
- [JDatabase for Joomla 2.5][3] has more information, but obviously is not my version. there is no bind method.
- [JDatabaseQuery for Joomla 3.x][4] there is no bind method
- [JDatabaseQuerySqlite for Joomla 3.x][5] **has** bind method
- [JDatabaseQueryPdo for Joomla 3.x][6] there is no bind method
- [JTable for Joomla 3.x][7] **has** bind method
Even I'm starting to doubt if I have to use JFactory::getDbo() to Select/Insert/Update/Delete data in Joomla DB.
Thanks in advance.
[1]:
$db = JFactory::getDbo();
$query = $db->getQuery(true);
$query
->select("*")
->from($db->quoteName("food"))
->where("taste = :taste")
->bind(':taste', 'sweet');
$db->setQuery($query);
$rows = $db->loadAssocList();
I'm getting this error:
> You have an error in your SQL syntax; check the manual that
> corresponds to your MySQL server version for the right syntax to use
> near ':taste' at line 3 SQL=SELECT * FROM `food` WHERE taste = :taste
My code is based on [this post][1]. It said that in Joomla 3.1 only "*PDO/Sqlite and PDO/Oracle are supporting prepared statements*", I am using Joomla 3.2.1 and MySQL, and in my Joomla configuration MySQLi. Could be that the problem?
I am quite confused because I dont know what API / Class have to follow.
- [JDatabase for Joomla 3.x][2] **there is no bind method**, and the information is scant, seems like is not completed.
- [JDatabase for Joomla 2.5][3] has more information, but obviously is not my version. there is no bind method.
- [JDatabaseQuery for Joomla 3.x][4] there is no bind method
- [JDatabaseQuerySqlite for Joomla 3.x][5] **has** bind method
- [JDatabaseQueryPdo for Joomla 3.x][6] there is no bind method
- [JTable for Joomla 3.x][7] **has** bind method
Even I'm starting to doubt if I have to use JFactory::getDbo() to Select/Insert/Update/Delete data in Joomla DB.
Thanks in advance.
[1]:
[To see links please register here]
[2]:[To see links please register here]
[3]:[To see links please register here]
[4]:[To see links please register here]
[5]:[To see links please register here]
[6]:[To see links please register here]
[7]:[To see links please register here]