douruyun8153
2013-11-19 11:17
浏览 140
已采纳

Laravel - 在where子句列中使用mysql函数

I have a database with encrypted field using AES_ENCRYPT

the data is encrypted and should stay this way, so there is no way of changing the method it is encrypted with.

Recently I started working on a new project with Laravel. when I tried to do an update with a where clause on the field encrypted with AES, I received the following query:

SELECT * FROM `users` WHERE `mail` = ? LIMIT 1

And the following binding:

AES_ENCRYPT('email@email.com', 'somekey')

For the following code:

$email = Input::get('email');
$user = User::where("mail", "AES_ENCRYPT('{$email}', '{$this->aesKey}')")->first();

Which is basically logical - But how do I use force it do the following Query:

SELECT * FROM `users` WHERE `mail` = AES_ENCRYPT(?, 'someKey') limit 1

With this binding:

email@email.com

Hope there is a way passing function to the where clause on the value

  • 写回答
  • 好问题 提建议
  • 追加酬金
  • 关注问题
  • 收藏
  • 邀请回答

3条回答 默认 最新

  • dpx49470 2016-03-09 16:23
    已采纳

    In laravel 5 you can use whereRaw with bindings too, so you get correct escaping and injection prevention.

    Just pass bindings array as second parameter. For example:

    $user = User::where("mail = AES_ENCRYPT(:email, :aesKey)", ['email' => $email, 'aesKey' => $this->aesKey])->first();
    
    评论
    解决 无用
    打赏 举报
  • 查看更多回答(2条)

相关推荐 更多相似问题