Hi,
I’m trying to write set the CDbCriteria multiple time like this but it doesn’t seem to work.
$criteria = new CDbCriteria();
if(isset($condition)){
$criteria->condition = 'field = :condition';
$criteria->params[':condition'] = $condition;
}
if(isset($limit)){
[b]$criteria->limit = ':limit';
$criteria->params[':limit'] = $limit;[/b]
}
if(isset($order)){
[b]$criteria->order = ':order';
$criteria->params[':order'] = $order;[/b]
}
$results = $dbObj->findAllByPk($pIds, $criteria);
For some reasons it doesn’t like the 2nd and 3rd time I set the parameters or please enlighten me on how to do something like that. Looks like $criteria->limit = ‘field DESC’ works but isn’t that vulnerable to SQL injection?
Thanks in advance guys!