ThinkPHP5.1: Use of array object query

Developers who have used 5.0 tend to rely on the array query method of 5.0, but unfortunately the array query method of 5.1 is very different from 5.0, so I often hear developers complain about 5.1 The array query is not easy to use.

First of all, for reasons of security and ease of use, the official does not recommend the use of array query conditions. Secondly, you may not know that version 5.1 actually provides a new array object query method. Used to replace the previous array condition.

If your version is V5.1.21, then you can try the array object query method mentioned below, you will definitely have unexpected surprises^_^

For those who are accustomed to or severe For users who rely on array query conditions, you can choose array object query. This object completes the bridge between ordinary array query and system query expression. However, compared with the query expression method recommended by the system, you need to pay attention to Variable security to avoid SQL injection.

To use array object query, you first need to introduce the think\db\Where class.

use think\db\Where;

There are generally two ways to use Where objects. The first one is the simplest. You still use array conditions to define query conditions like 5.0, for example:

$map = [
    'name' => ['like', 'thinkphp%'],
    'title' => ['like', '%think%'],
    'id' => ['>', 10],
    'status' => 1,
];

Then, in the actual use of where When changing the method to

Db::name('user')
    ->where(new Where($map))
    ->select();

, the generated SQL is:

SELECT * FROM `think_user` WHERE `name` LIKE 'thinkphp%' AND `title` LIKE '%think%' AND `id` > 10 AND `status` =1

This method is the easiest to modify, and is equivalent to switching to the 5.0 array query method with one click. Of course, in addition to Db queries, model queries are also supported.

The second way is to directly instantiate a Where object, and then directly pass in the Where object instance when querying the where method.

$where = new Where;
$where['id'] = ['in', [1, 2, 3]];
$where['title'] = ['like', '%php%'];
Db::name('user')
    ->where($where)
    ->select();

Where object implements the ArrayAccess interface, so it can be assigned directly as an array.

The generated SQL is:

SELECT * FROM `think_user` WHERE   `id` IN (1,2,3) AND `title` LIKE '%php%'

Using Where object query can be mixed with other query methods. If you want to add parentheses to the query conditions of an array query object when you mix array query objects, you can use

$where          = new Where;
$where['id']    = ['in', [1, 2, 3]];
$where['title'] = ['like', '%php%'];
Db::name('user')
    ->where($where->enclose())
    ->where('status', 1)
    ->select();

. The generated SQL is:

SELECT * FROM `think_user` WHERE  ( `id` IN (1,2,3) AND `title` LIKE '%php%' ) AND  `status` =1

enclose method represents the query. The condition will be enclosed in parentheses on both sides.

When using array objects to query, please be sure to check the data type and try to avoid letting users determine your data, which may lead to the possibility of SQL injection.

PHP Chinese website has a large number of free ThinkPHP introductory tutorials, everyone is welcome to learn!

This article is reproduced from: https://blog.thinkphp.cn/778497

The above is the detailed content of ThinkPHP5.1: Use of array object query. For more information, please follow other related articles on the PHP Chinese website!