$content='test';
$q="select * from mytable where id=':content' or name like ':content'";
$c=$this->getDbConnection()->createCommand($q);
$c->bindParam(':content',$content);
$c->query();
...
into model’s method, why if I check query log I see that bindParam don’t change $content value into query so the query that will execute is:
select * from mytable where id=':content' or name like ':content'
??
Something if I use bindValue or bindValues and with other placeholder and also if I have more than one placeholder into query.
With your tip I can see in log that my query is bounded with param but if I print something like:
print_r($rows);
with $rows defined by:
$c=$this->getDbConnection()->createCommand("
select * from mytable where id=':content' or name like ':content'
");
$c->bindValue(':content','qwe');
$rows=$c->query();
print_r($rows);
I obtain
CDbDataReader Object
(
[_statement:CDbDataReader:private] => PDOStatement Object
(
[queryString] =>
select * from mytable where id=':content' or name like ':content'
)
[_closed:CDbDataReader:private] =>
[_row:CDbDataReader:private] =>
[_index:CDbDataReader:private] => -1
[_e:CComponent:private] =>
[_m:CComponent:private] =>
)
so I think my query is not bind and an empty recordset: $rows->rowCount is zero!
I’ve understand that queryString in CDbDataReader haven’t replacing for placeholders and bindParam (bindValue) add after and before “’” because apply string sanitization. My query have “’” into body so the command after bind was:
select * from mytable where id=''qwe'' or name=''qwe''
