laravel插入查询中的绑定参数

Using Laravel's query builder, I formed a database transaction with the following queries:

DB::transaction(function($map) {

    DB::connection('network')->table('Maps')
                              ->insert([
                                    'Name' => '?',
                                    'Gametype' => '?',
                                    'Author' => '?',
                                    'Enabled' => '?',
                                    'Public' => '?',
                                    'Required' => '?',
                                    'Image' => '?',
                                    'ReleaseDate' => '?',
                                    'ContactInfo' => '?',
                                ], [
                                    $map['name'], 
                                    $map['game'], 
                                    $map['creator'], 
                                    $map['enabled'], 
                                    $map['public'], 
                                    $map['required'], 
                                    $map['image-url'], 
                                    $map['released'], 
                                    $map['contact'],
                                ]); 

    DB::connection('website')->table('panel_logs')
                             ->insert([

                                    'message' => 'Added a new map to '. $map['game'] .' called '. $map['name'] .'.',
                                    'timestamp' => Carbon::now(),
                                    'tag' => 2,
                                    'username' => Auth::user()->username

                                ]);

});

The first query inserts data into a database using query bindings. I have an array called maps containing the data for the insert and I would like to bind on the values however it's not working because it's treating the second array as another insert. In the docs, they didn't provide an example of query binding using the builder. Would it be better just to insert the data without binding? Will this still protect me from SQL injection as I think Laravel uses prepared statements anyway with their builder. I just would like to make sure things don't go horribly wrong.

写回答
好问题 0 提建议
追加酬金
关注问题
分享
邀请回答
编辑收藏删除结题
收藏举报

1条回答默认最新

关注

码龄粉丝数原力等级 --

被采纳

被点赞

采纳率
douyiyang6317 2014-07-17 14:08
关注
There are different insert methods on the Connection and query Builder classes.

DB::connection('network') // this is Connection object ->table('Maps') // but now it's Query\Builder object

Connection insert takes a query string as 1st param, and bindings as 2nd param, while the other one does the job for you (no need to bind anything manually).

So what you need to do is simply this:

DB::connection('network')->table('Maps') ->insert([ 'Name' => $maps['name'], 'Gametype' => $maps['game'], ... ]);

Builder will take care of preparing statement and binding its values.

Also you need to change the transaction part a bit:

DB::transaction(function($con) use ($map) {
本回答被题主选为最佳回答 , 对您是否有帮助呢?

解决无用
评论打赏
分享
举报

评论

按下Enter换行，Ctrl+Enter发表内容

报告相同问题？

关注问题

无法在Laravel原始查询中绑定参数 laravel php
2018-12-08 05:30

回答 2 已采纳 try to used like that $query = "SELECT 1 AS rank, 'CATEGORY' AS type, category_id AS id, name AS
如何使用laravel的查询构建器命名绑定？ laravel php sql
2016-08-31 17:13

回答 2 已采纳 I belive you mean using Query Scopes class MyModel extends Model { public function scopeSqlDi
Laravel 5.2路由模型绑定 laravel php
2016-02-22 22:25

回答 2 已采纳 Because your variable is called $model, Laravel will look for a wildcard segment of the url writte
Laravel约会表单模型绑定 laravel php
2015-07-30 23:11

回答 3 已采纳 I've never done this before, but it seems to work on a basic example I put together. Note that I'm
Laravel请求绑定到容器中的哪个位置？ laravel php
2017-02-14 12:46

回答 1 已采纳 The Laravel request object is bound and rebound from multiple service providers. You can find thi
Laravel方法模型绑定？ laravel php
2015-04-17 15:52

回答 2 已采纳 However, with route model binding, it seems I can only bind one model to a keyword, and since m
PHP Laravel 5.2 中文文档：HTTP 路由Route
2024-08-10 16:07

学亮编程手记的博客 Laravel 路由模型绑定为注入类实例到路由提供了方便，例如，你可以将匹配给定 ID 的整个 User 类实例注入到路由中，而不是直接注入用户 ID。，这样，Laravel 会自动注入与请求 URI 中传入的 ID 对应的用户模型实例。
如何将已认证的用户绑定到控制器中的参数？ laravel php
2019-05-12 17:09

回答 2 已采纳 You want the webmaster to be injected into your method by laravel's dependency injection. The way
laravel：表单模型绑定得到null所以得到错误 laravel php
2016-08-18 20:55

回答 1 已采纳 Try it in your view: <img src="{{ !$profile ?: url('images/'.$profile->logo) }}" alt="Profi
如何将响应数据绑定到laravel 5中的视图 laravel mysql php
2016-04-24 08:27

回答 2 已采纳 You should add a route so that when a request is sent to the specified URL, the avatar is read fro
Laravel-FakeId：Laravel路线中的自动模型ID模糊处理
2021-02-03 12:52

首先，请确保使用model()方法将模型绑定到Laravel的路由器，例如在routes.php文件顶部boot()如果使用路由缓存，则在RouteServiceProvider的boot()方法中）： Route :: model ( 'mymodel' , 'App\MyModel' ); 这样...
php orm中关联查询,【整理】Laravel中Eloquent ORM 关联关系的操作
2021-04-13 14:04

炉石传说控的博客 Laravel中Eloquent ORM 关联关系的操作关联数据定义关联关系一对一class User extends Model{// 获取关联到用户的手机public function phone(){// Phone 模型默认有一个 user_id 外键return $this->hasOne('App\...
PHP 之 Laravel 框架
2023-07-20 15:03

羽墨灵丘的博客整理 Laravel 框架的基础功能
php 查询构造器,Laravel框架查询构造器常见用法总结
2021-04-23 22:45

杏花朵朵的博客本文实例讲述了Laravel框架查询构造器常见用法。分享给大家供大家参考，具体如下：查询构造器...Laravel查询构造器提供方便流畅的接口，用来建立及执行数据库查找语法使用PDO参数绑定，以保护应用程序免于SQL注入因...
没有解决我的问题, 去提问

悬赏问题

¥15 乌班图ip地址配置及远程SSH
¥15 怎么让点阵屏显示静态爱心，用keiluVision5写出让点阵屏显示静态爱心的代码，越快越好
¥15 PSPICE制作一个加法器
¥15 javaweb项目无法正常跳转
¥15 VMBox虚拟机无法访问
¥15 skd显示找不到头文件
¥15 机器视觉中图片中长度与真实长度的关系
¥15 fastreport table 怎么只让每页的最下面和最顶部有横线
¥15 java 的protected权限，问题在注释里
¥15 这个是哪里有问题啊？

laravel插入查询中的绑定参数

1条回答 默认 最新

悬赏问题

1条回答默认最新