doukao8851 2019-03-14 11:09
浏览 60

原始查询将VARCHAR转换为SQL Server数据库在CodeIgniter中不起作用

I try to do raw query in codeigniter to sql server database 

$this->db->query("SELECT * FROM TableName WHERE  CONVERT(VARCHAR," .$ColumnName. ", 120) LIKE '%".$_POST['search']['value']."%'");

$_POST['search']['value'] is for search string input.

I tried to query using this string directly in navicat and it is working, however it didn't work when I apply it in codeigniter.

What might be the issue?

  • 写回答

1条回答 默认 最新

  • douba3943 2019-03-14 11:39
    关注

    In a model - the Query builder version would look something like this:

    $db = $this->db;
$db->like($ColumnName,$_POST['search']['value']);
$data = $db->get(TableName)->result_array();

    Codeigniter will escape the $_POST parameter making it safe. As long as $ColumnName is never passed in by the user as well :o) In that case it would need escaping too.

    评论

报告相同问题?

悬赏问题

  • ¥15 我想咨询一下路面纹理三维点云数据处理的一些问题,上传的坐标文件里是怎么对无序点进行编号的,以及xy坐标在处理的时候是进行整体模型分片处理的吗
  • ¥15 一直显示正在等待HID—ISP
  • ¥15 Python turtle 画图
  • ¥15 关于大棚监测的pcb板设计
  • ¥15 stm32开发clion时遇到的编译问题
  • ¥15 lna设计 源简并电感型共源放大器
  • ¥15 如何用Labview在myRIO上做LCD显示?(语言-开发语言)
  • ¥15 Vue3地图和异步函数使用
  • ¥15 C++ yoloV5改写遇到的问题
  • ¥20 win11修改中文用户名路径