[PHP] Zend_Db (Zend Framework)

Jun Shimizu
Jun ShimizuCEO / DIRECTOR em PT. Buzoo Indonesia
Zend Database Buzoo PHP Lecture By : Tya Herlina
Definition Zend_Db and its related classes provide a simple SQL database interface for Zend Framework.
Zend_Db_Adapter Zend_Db_Adapter is the basic class you use to connect your PHP application to an RDBMS. There is a different Adapter class for each brand of RDBMS.
Zend_Db_Adapter (cont’d) RDBMS Adapter IBM DB2 Pdo_ibm MariaDB Pdo_mysql MySQL Pdo_mysql Microsoft SQL Server Pdo_dblib Oracle Pdo_oci PostgreSQL Pdo_pgsql SQLite Pdo_sqlite
Set Connection 1. 2. 3. Using a Zend_Db Adapter Constructor Using the Zend_Db Factory Using Zend_Config with the Zend_Db Factory
1. Using a Zend_Db Adapter Constructor $db = new Zend_Db_Adapter_Pdo_Mysql(array( ’host’ => ’buzoo.biz’, ’username’ => ’root’, ’password’ => ’’, ’dbname’ => ’app_geshucloud’ ));
2. Using the Zend_Db Factory $db = Zend_Db::factory('Pdo_Mysql', array( ’host’ => ’buzoo.biz’, ’username’ => ’root’, ’password’ => ’’, ’dbname’ => ’app_geshucloud’ ));
3. Using Zend_Config with the Zend_Db Factory database.host database.username database.password database.dbname = = = = “buzoo.biz“ “root“ “ “app_geshucloud“ $config = new Zend_Config_Ini(“path/to/config.ini“); $db = Zend_Db::factory(‘Pdo_Mysql‘, $config->database);
Set Connection Zend_Db_Table_Abstract::setDefaultAdapter ($db); Get Connection public function db() { return Zend_Db_Table_Abstract::getDefaultAdapter(); }
Reading Query Results 1. 2. 3. 4. 5. 6. Fetching a Complete Result Set Fetching a Single Row from a Result Set Fetching a Single Scalar from a Result Set Fetching a Result Set as an Associative Array Fetching Key-Value Pairs from a Result Set Fetching a Single Column from a Result Set
1. Fetching a Complete Result Set $models = $this->db()->fetchAll( “SELECT * FROM `dtb_customer`” ); print_r($models); echo $models[0][`customerID`]; //44 Array ( [0] => Array ( [customerID] [customerName] [customerAddr] [customerPhone] [create_date] [update_date] => => => => => => 44 Adisti Prihartini Maleo 345 Bintan 2390554 2012-10-30 14:29:36 2012-11-27 16:04:45 [customerID] [customerName] [customerAddr] [customerPhone] [create_date] [update_date] => => => => => => 45 Angela Nayoan Van Heutz Boulevard 53 Batavia 2140 2012-10-30 14:29:36 2012-11-27 16:04:45 ) [1] => Array ( ) )
2. Fetching a Single Row from a Result Set $models = $this->db()->fetchRow( “SELECT * FROM `dtb_customer` LIMIT 1” ); print_r($models); echo $models[`customerID`]; //44 Array ( [customerID] [customerName] [customerAddr] [customerPhone] [create_date] [update_date] ) => => => => => => 44 Adisti Prihartini Maleo 345 Bintan 2390554 2012-11-05 10:09:14 2012-11-21 10:35:45
3. Fetching a Single Scalar from a Result Set $models = $this->db()->fetchOne( “SELECT `customerID` FROM `dtb_customer` LIMIT 1” ); print_r($models); echo $models[`customerID`]; 44
Modifying Data to the Database 1. 2. 3. Inserting Data Updating Data Deleting Data
1. Inserting Data $this->db()->insert(‘dtb_room_facility‘, array( ‘room_id‘ => 99, ‘facility_id‘ => 99 )); echo $this->db()->lastInsertId(); //5 $model = new Dao_RoomFacility(); $new_id = $model->insert(array( ‘room_id‘ => 99, ‘facility_id‘ => 99 )); echo $new_id; //5
2. Updating Data $update_id = $this->db()->update('dtb_room_facility', array( 'room_id' => 999, 'facility_id' => 999 ), 'id = 999'); echo $update_id; //1 $model = new Dao_RoomFacility(); $update_id = $model->update( array( 'room_id' => 899, 'facility_id' => 899 ), 'id = 899'); echo $update_id; //1
3. Deleting Data $delete_id = $this->db()->delete( '`dtb_room_facility`', '`id` = 999' ); echo $delete_id; //1 $model = new Dao_RoomFacility(); $delete_id = $model->delete( '`id` = 899'); echo $delete_id; //1
Preventing SQL Injection $name = "O'Reilly"; $sql = "SELECT * FROM `dtb_customer` WHERE `customerName` = '$name'"; echo $sql; // SELECT * FROM `dtb_customer` WHERE `customerName` = 'O'Reilly'
Quoting Values and Identifiers 1. 2. 3. Using quote() Using quoteInto() Using quoteIdentifier()
1. Using quote() $name = $this->db()->quote("O'Reilly"); $sql = "SELECT * FROM `dtb_customer` WHERE `customerName` = $name"; echo $sql; // SELECT * FROM `dtb_customer` WHERE `customerName` = 'O'Reilly' $phone = $this->db()->quote("1234", "INTEGER"); $sql = "SELECT * FROM `dtb_customer` WHERE `customerPhone` = $phone"; echo $sql; // SELECT * FROM `dtb_customer` WHERE `customerPhone` = 1234
2. Using quoteInto() $name = "O'Reilly"; $sql = $this->db()->quoteInto( "SELECT * FROM `dtb_customer` WHERE `customerName` = ?", $name ); echo $sql; // SELECT * FROM `dtb_customer` WHERE `customerName` = 'O'Reilly'
Notes  Always store your logic query in Models/Logic/your_logic.php  Minimizing the possibility of SQL injection with quoting values  When creating logic, please reduce the possibility of errors  Always return your logic result value  Always check the existing logic before you make yours
Thank you~  Question?  Share?  Critics?  Advice?
1 de 23

[PHP] Zend_Db (Zend Framework)

Baixar para ler offline
Tecnologia

PT.BUZOO INDONESIA is No1 Japanese offshore development company in Indonesia. We are professional of web solution and smartphone apps. We can support Japanese, English and Indonesia. We are hiring now at http://buzoo.co.id/

Jun Shimizu
Jun ShimizuCEO / DIRECTOR em PT. Buzoo Indonesia

Recomendados

Doctrine 2Doctrine 2
Doctrine 2zfconfua
1.7K visualizações40 slides
Advanced php testing in actionAdvanced php testing in action
Advanced php testing in actionJace Ju
2.1K visualizações92 slides
Dependency InjectionDependency Injection
Dependency InjectionRifat Nabi
2.8K visualizações34 slides
Drupal II: The SQLDrupal II: The SQL
Drupal II: The SQLddiers
3.1K visualizações38 slides
CodeIgniter Class ReferenceCodeIgniter Class Reference
CodeIgniter Class ReferenceJamshid Hashimi
3.4K visualizações37 slides
PHP Data ObjectsPHP Data Objects
PHP Data ObjectsWez Furlong
10.4K visualizações46 slides

Mais conteúdo relacionado

Mais procurados

I regret nothingI regret nothing
I regret nothingŁukasz Langa
1.3K visualizações39 slides
Drupal 8 database apiDrupal 8 database api
Drupal 8 database apiViswanath Polaki
622 visualizações24 slides
Drupal - dbtng 25th Anniversary EditionDrupal - dbtng 25th Anniversary Edition
Drupal - dbtng 25th Anniversary Editionddiers
2.7K visualizações39 slides

Mais procurados(20)

[WLDN] Supercharging word press development in 2018[WLDN] Supercharging word press development in 2018
[WLDN] Supercharging word press development in 2018
Adam Tomat291 visualizações
Managing a shared_mysql_farm_phpday2011Managing a shared_mysql_farm_phpday2011
Managing a shared_mysql_farm_phpday2011
Combell NV1K visualizações
I regret nothingI regret nothing
I regret nothing
Łukasz Langa1.3K visualizações
Drupal 8 database apiDrupal 8 database api
Drupal 8 database api
Viswanath Polaki622 visualizações
Drupal - dbtng 25th Anniversary EditionDrupal - dbtng 25th Anniversary Edition
Drupal - dbtng 25th Anniversary Edition
ddiers2.7K visualizações
Temporary Cache Assistance (Transients API): WordCamp Phoenix 2014Temporary Cache Assistance (Transients API): WordCamp Phoenix 2014
Temporary Cache Assistance (Transients API): WordCamp Phoenix 2014
Cliff Seal5K visualizações
Mocking Dependencies in PHPUnitMocking Dependencies in PHPUnit
Mocking Dependencies in PHPUnit
mfrost5039K visualizações
Internationalizing CakePHP ApplicationsInternationalizing CakePHP Applications
Internationalizing CakePHP Applications
Pierre MARTIN5.8K visualizações
Agile database access with CakePHP 3Agile database access with CakePHP 3
Agile database access with CakePHP 3
José Lorenzo Rodríguez Urdaneta17.9K visualizações
Temporary Cache Assistance (Transients API): WordCamp Birmingham 2014Temporary Cache Assistance (Transients API): WordCamp Birmingham 2014
Temporary Cache Assistance (Transients API): WordCamp Birmingham 2014
Cliff Seal1.6K visualizações
Top Ten Reasons to Use EntityFieldQuery in DrupalTop Ten Reasons to Use EntityFieldQuery in Drupal
Top Ten Reasons to Use EntityFieldQuery in Drupal
Fredric Mitchell2K visualizações
From mysql to MongoDB(MongoDB2011北京交流会)From mysql to MongoDB(MongoDB2011北京交流会)
From mysql to MongoDB(MongoDB2011北京交流会)
Night Sailer1.5K visualizações
Drupal Module DevelopmentDrupal Module Development
Drupal Module Development
ipsitamishra3.4K visualizações
Desarrollo de módulos en Drupal e integración con dispositivos móvilesDesarrollo de módulos en Drupal e integración con dispositivos móviles
Desarrollo de módulos en Drupal e integración con dispositivos móviles
Luis Curo Salvatierra389 visualizações
Meet Magento Sweden - Magento 2 Layout and Code Compilation for PerformanceMeet Magento Sweden - Magento 2 Layout and Code Compilation for Performance
Meet Magento Sweden - Magento 2 Layout and Code Compilation for Performance
Ivan Chepurnyi25.7K visualizações
Presentation1Presentation1
Presentation1
Rahadyan Gusti349 visualizações
MTDDC 2010.2.5 Tokyo - Brand new APIMTDDC 2010.2.5 Tokyo - Brand new API
MTDDC 2010.2.5 Tokyo - Brand new API
Six Apart KK2.2K visualizações
How to write bad code in redux (ReactNext 2018)How to write bad code in redux (ReactNext 2018)
How to write bad code in redux (ReactNext 2018)
500Tech404 visualizações
Future of HTTP in CakePHPFuture of HTTP in CakePHP
Future of HTTP in CakePHP
markstory4.3K visualizações
CGI::Prototype (NPW 2006)CGI::Prototype (NPW 2006)
CGI::Prototype (NPW 2006)
brian d foy15.2K visualizações

Destaque

Design Pattern with BurgerDesign Pattern with Burger
Design Pattern with BurgerJun Shimizu
1.4K visualizações25 slides
Piling licaPiling lica
Piling licaXenia Doctors Centar
394 visualizações19 slides

Destaque(8)

Sales Methodologies - A quick guide to boosting success - realSociableSales Methodologies - A quick guide to boosting success - realSociable
Sales Methodologies - A quick guide to boosting success - realSociable
Dalia Asterbadi1.2K visualizações
Design Pattern with BurgerDesign Pattern with Burger
Design Pattern with Burger
Jun Shimizu1.4K visualizações
NextGen Customer Engagement - An Extension from Dave McClure's Pirate Startup...NextGen Customer Engagement - An Extension from Dave McClure's Pirate Startup...
NextGen Customer Engagement - An Extension from Dave McClure's Pirate Startup...
Dalia Asterbadi712 visualizações
Slicing Up the Mobile Services Revenue PieSlicing Up the Mobile Services Revenue Pie
Slicing Up the Mobile Services Revenue Pie
Sam Gellar5.3K visualizações
realSociable - Creating a need and changing sales flowrealSociable - Creating a need and changing sales flow
realSociable - Creating a need and changing sales flow
Dalia Asterbadi563 visualizações
Piling licaPiling lica
Piling lica
Xenia Doctors Centar 394 visualizações
Engagement for a Modern Sales TeamEngagement for a Modern Sales Team
Engagement for a Modern Sales Team
Dalia Asterbadi506 visualizações
The beatlesThe beatles
The beatles
Pamela0710170 visualizações

Similar a [PHP] Zend_Db (Zend Framework)

ZF2 for the ZF1 DeveloperZF2 for the ZF1 Developer
ZF2 for the ZF1 DeveloperGary Hockin
3.3K visualizações40 slides
Code Igniter 2Code Igniter 2
Code Igniter 2Nitin Reddy Katkam
814 visualizações12 slides
8. vederea inregistrarilor8. vederea inregistrarilor
8. vederea inregistrarilorRazvan Raducanu, PhD
192 visualizações16 slides
PHP Data ObjectsPHP Data Objects
PHP Data ObjectsPrashant Marathe
160 visualizações23 slides
Zend Framework Study@Tokyo #2Zend Framework Study@Tokyo #2
Zend Framework Study@Tokyo #2Shinya Ohyanagi
1.3K visualizações68 slides

Similar a [PHP] Zend_Db (Zend Framework)(20)

ZF2 for the ZF1 DeveloperZF2 for the ZF1 Developer
ZF2 for the ZF1 Developer
Gary Hockin3.3K visualizações
Code Igniter 2Code Igniter 2
Code Igniter 2
Nitin Reddy Katkam814 visualizações
8. vederea inregistrarilor8. vederea inregistrarilor
8. vederea inregistrarilor
Razvan Raducanu, PhD192 visualizações
PHP Data ObjectsPHP Data Objects
PHP Data Objects
Prashant Marathe160 visualizações
Zend Framework Study@Tokyo #2Zend Framework Study@Tokyo #2
Zend Framework Study@Tokyo #2
Shinya Ohyanagi1.3K visualizações
Zend Framework 2 - Basic ComponentsZend Framework 2 - Basic Components
Zend Framework 2 - Basic Components
Mateusz Tymek5K visualizações
Meet Magento Belarus debug Pavel Novitsky (eng)Meet Magento Belarus debug Pavel Novitsky (eng)
Meet Magento Belarus debug Pavel Novitsky (eng)
Pavel Novitsky1.2K visualizações
Introducing PHP Data ObjectsIntroducing PHP Data Objects
Introducing PHP Data Objects
webhostingguy760 visualizações
Part 2Part 2
Part 2
A VD1.9K visualizações
Zend Framework 1 + Doctrine 2Zend Framework 1 + Doctrine 2
Zend Framework 1 + Doctrine 2
Ralph Schindler6.8K visualizações
Disregard Inputs, Acquire Zend_FormDisregard Inputs, Acquire Zend_Form
Disregard Inputs, Acquire Zend_Form
Daniel Cousineau1.7K visualizações
Unit testing zend framework appsUnit testing zend framework apps
Unit testing zend framework apps
Michelangelo van Dam2.6K visualizações
Zend FrameworkZend Framework
Zend Framework
Hao Chen 陈浩1.9K visualizações
15. CodeIgniter editarea inregistrarilor15. CodeIgniter editarea inregistrarilor
15. CodeIgniter editarea inregistrarilor
Razvan Raducanu, PhD18 visualizações
Service discovery and configuration provisioningService discovery and configuration provisioning
Service discovery and configuration provisioning
Source Ministry1.7K visualizações
Working with databasesWorking with databases
Working with databases
Krasimir Berov (Красимир Беров)1.6K visualizações
19. CodeIgniter imagini in mysql19. CodeIgniter imagini in mysql
19. CodeIgniter imagini in mysql
Razvan Raducanu, PhD41 visualizações
Zend Framework 1.9 Setup & Using Zend_ToolZend Framework 1.9 Setup & Using Zend_Tool
Zend Framework 1.9 Setup & Using Zend_Tool
Gordon Forsythe8.5K visualizações
About Data::ObjectDriverAbout Data::ObjectDriver
About Data::ObjectDriver
Yoshiki Kurihara1.6K visualizações
Drupal Module Development - OSI Days 2010Drupal Module Development - OSI Days 2010
Drupal Module Development - OSI Days 2010
Siva Epari1.7K visualizações

Último

Último(20)

"Role of a CTO in software outsourcing company", Yuriy Nakonechnyy"Role of a CTO in software outsourcing company", Yuriy Nakonechnyy
"Role of a CTO in software outsourcing company", Yuriy Nakonechnyy
Fwdays38 visualizações
Micron CXL product and architecture updateMicron CXL product and architecture update
Micron CXL product and architecture update
CXL Forum23 visualizações
"AI Startup Growth from Idea to 1M ARR", Oleksandr Uspenskyi"AI Startup Growth from Idea to 1M ARR", Oleksandr Uspenskyi
"AI Startup Growth from Idea to 1M ARR", Oleksandr Uspenskyi
Fwdays25 visualizações
.conf Go 2023 - Raiffeisen Bank International.conf Go 2023 - Raiffeisen Bank International
.conf Go 2023 - Raiffeisen Bank International
Splunk186 visualizações
ChatGPT and AI for Web DevelopersChatGPT and AI for Web Developers
ChatGPT and AI for Web Developers
Maximiliano Firtman161 visualizações
Business Analyst Series 2023 - Week 2 Session 3Business Analyst Series 2023 - Week 2 Session 3
Business Analyst Series 2023 - Week 2 Session 3
DianaGray10319 visualizações
Webinar : Competing for tomorrow’s leaders – How MENA insurers can win the wa...Webinar : Competing for tomorrow’s leaders – How MENA insurers can win the wa...
Webinar : Competing for tomorrow’s leaders – How MENA insurers can win the wa...
The Digital Insurer26 visualizações
.conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär).conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär)
.conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär)
Splunk188 visualizações
Empathic Computing: Delivering the Potential of the MetaverseEmpathic Computing: Delivering the Potential of the Metaverse
Empathic Computing: Delivering the Potential of the Metaverse
Mark Billinghurst422 visualizações
"Quality Assurance: Achieving Excellence in startup without a Dedicated QA", ..."Quality Assurance: Achieving Excellence in startup without a Dedicated QA", ...
"Quality Assurance: Achieving Excellence in startup without a Dedicated QA", ...
Fwdays32 visualizações
Web Dev - 1 PPT.pdfWeb Dev - 1 PPT.pdf
Web Dev - 1 PPT.pdf
gdsczhcet49 visualizações
Transcript: The Details of Description Techniques tips and tangents on altern...Transcript: The Details of Description Techniques tips and tangents on altern...
Transcript: The Details of Description Techniques tips and tangents on altern...
BookNet Canada106 visualizações
MemVerge: Past Present and Future of CXLMemVerge: Past Present and Future of CXL
MemVerge: Past Present and Future of CXL
CXL Forum110 visualizações
"Ukrainian Mobile Banking Scaling in Practice. From 0 to 100 and beyond", Vad..."Ukrainian Mobile Banking Scaling in Practice. From 0 to 100 and beyond", Vad...
"Ukrainian Mobile Banking Scaling in Practice. From 0 to 100 and beyond", Vad...
Fwdays38 visualizações
.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV
.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV
Splunk82 visualizações
TE Connectivity: Card Edge InterconnectsTE Connectivity: Card Edge Interconnects
TE Connectivity: Card Edge Interconnects
CXL Forum95 visualizações
GigaIO: The March of Composability Onward to Memory with CXLGigaIO: The March of Composability Onward to Memory with CXL
GigaIO: The March of Composability Onward to Memory with CXL
CXL Forum122 visualizações
MemVerge: Gismo (Global IO-free Shared Memory Objects)MemVerge: Gismo (Global IO-free Shared Memory Objects)
MemVerge: Gismo (Global IO-free Shared Memory Objects)
CXL Forum112 visualizações
JCon Live 2023 - Lice coding some integration problemsJCon Live 2023 - Lice coding some integration problems
JCon Live 2023 - Lice coding some integration problems
Bernd Ruecker62 visualizações
Green Leaf Consulting: Capabilities DeckGreen Leaf Consulting: Capabilities Deck
Green Leaf Consulting: Capabilities Deck
GreenLeafConsulting177 visualizações

[PHP] Zend_Db (Zend Framework)

  • 2. Definition Zend_Db and its related classes provide a simple SQL database interface for Zend Framework.
  • 3. Zend_Db_Adapter Zend_Db_Adapter is the basic class you use to connect your PHP application to an RDBMS. There is a different Adapter class for each brand of RDBMS.
  • 4. Zend_Db_Adapter (cont’d) RDBMS Adapter IBM DB2 Pdo_ibm MariaDB Pdo_mysql MySQL Pdo_mysql Microsoft SQL Server Pdo_dblib Oracle Pdo_oci PostgreSQL Pdo_pgsql SQLite Pdo_sqlite
  • 5. Set Connection 1. 2. 3. Using a Zend_Db Adapter Constructor Using the Zend_Db Factory Using Zend_Config with the Zend_Db Factory
  • 6. 1. Using a Zend_Db Adapter Constructor $db = new Zend_Db_Adapter_Pdo_Mysql(array( ’host’ => ’buzoo.biz’, ’username’ => ’root’, ’password’ => ’’, ’dbname’ => ’app_geshucloud’ ));
  • 7. 2. Using the Zend_Db Factory $db = Zend_Db::factory('Pdo_Mysql', array( ’host’ => ’buzoo.biz’, ’username’ => ’root’, ’password’ => ’’, ’dbname’ => ’app_geshucloud’ ));
  • 8. 3. Using Zend_Config with the Zend_Db Factory database.host database.username database.password database.dbname = = = = “buzoo.biz“ “root“ “ “app_geshucloud“ $config = new Zend_Config_Ini(“path/to/config.ini“); $db = Zend_Db::factory(‘Pdo_Mysql‘, $config->database);
  • 9. Set Connection Zend_Db_Table_Abstract::setDefaultAdapter ($db); Get Connection public function db() { return Zend_Db_Table_Abstract::getDefaultAdapter(); }
  • 10. Reading Query Results 1. 2. 3. 4. 5. 6. Fetching a Complete Result Set Fetching a Single Row from a Result Set Fetching a Single Scalar from a Result Set Fetching a Result Set as an Associative Array Fetching Key-Value Pairs from a Result Set Fetching a Single Column from a Result Set
  • 11. 1. Fetching a Complete Result Set $models = $this->db()->fetchAll( “SELECT * FROM `dtb_customer`” ); print_r($models); echo $models[0][`customerID`]; //44 Array ( [0] => Array ( [customerID] [customerName] [customerAddr] [customerPhone] [create_date] [update_date] => => => => => => 44 Adisti Prihartini Maleo 345 Bintan 2390554 2012-10-30 14:29:36 2012-11-27 16:04:45 [customerID] [customerName] [customerAddr] [customerPhone] [create_date] [update_date] => => => => => => 45 Angela Nayoan Van Heutz Boulevard 53 Batavia 2140 2012-10-30 14:29:36 2012-11-27 16:04:45 ) [1] => Array ( ) )
  • 12. 2. Fetching a Single Row from a Result Set $models = $this->db()->fetchRow( “SELECT * FROM `dtb_customer` LIMIT 1” ); print_r($models); echo $models[`customerID`]; //44 Array ( [customerID] [customerName] [customerAddr] [customerPhone] [create_date] [update_date] ) => => => => => => 44 Adisti Prihartini Maleo 345 Bintan 2390554 2012-11-05 10:09:14 2012-11-21 10:35:45
  • 13. 3. Fetching a Single Scalar from a Result Set $models = $this->db()->fetchOne( “SELECT `customerID` FROM `dtb_customer` LIMIT 1” ); print_r($models); echo $models[`customerID`]; 44
  • 14. Modifying Data to the Database 1. 2. 3. Inserting Data Updating Data Deleting Data
  • 15. 1. Inserting Data $this->db()->insert(‘dtb_room_facility‘, array( ‘room_id‘ => 99, ‘facility_id‘ => 99 )); echo $this->db()->lastInsertId(); //5 $model = new Dao_RoomFacility(); $new_id = $model->insert(array( ‘room_id‘ => 99, ‘facility_id‘ => 99 )); echo $new_id; //5
  • 16. 2. Updating Data $update_id = $this->db()->update('dtb_room_facility', array( 'room_id' => 999, 'facility_id' => 999 ), 'id = 999'); echo $update_id; //1 $model = new Dao_RoomFacility(); $update_id = $model->update( array( 'room_id' => 899, 'facility_id' => 899 ), 'id = 899'); echo $update_id; //1
  • 17. 3. Deleting Data $delete_id = $this->db()->delete( '`dtb_room_facility`', '`id` = 999' ); echo $delete_id; //1 $model = new Dao_RoomFacility(); $delete_id = $model->delete( '`id` = 899'); echo $delete_id; //1
  • 18. Preventing SQL Injection $name = "O'Reilly"; $sql = "SELECT * FROM `dtb_customer` WHERE `customerName` = '$name'"; echo $sql; // SELECT * FROM `dtb_customer` WHERE `customerName` = 'O'Reilly'
  • 19. Quoting Values and Identifiers 1. 2. 3. Using quote() Using quoteInto() Using quoteIdentifier()
  • 20. 1. Using quote() $name = $this->db()->quote("O'Reilly"); $sql = "SELECT * FROM `dtb_customer` WHERE `customerName` = $name"; echo $sql; // SELECT * FROM `dtb_customer` WHERE `customerName` = 'O'Reilly' $phone = $this->db()->quote("1234", "INTEGER"); $sql = "SELECT * FROM `dtb_customer` WHERE `customerPhone` = $phone"; echo $sql; // SELECT * FROM `dtb_customer` WHERE `customerPhone` = 1234
  • 21. 2. Using quoteInto() $name = "O'Reilly"; $sql = $this->db()->quoteInto( "SELECT * FROM `dtb_customer` WHERE `customerName` = ?", $name ); echo $sql; // SELECT * FROM `dtb_customer` WHERE `customerName` = 'O'Reilly'
  • 22. Notes  Always store your logic query in Models/Logic/your_logic.php  Minimizing the possibility of SQL injection with quoting values  When creating logic, please reduce the possibility of errors  Always return your logic result value  Always check the existing logic before you make yours
  • 23. Thank you~  Question?  Share?  Critics?  Advice?