Operator
Issue #4
resolved
My SQL with an operator is not working.
$sql = "DELETE FROM 'mytable' WHERE myfield < 10";
for example
$db->query($sql)->execute();
Comments (4)
-
-
repo owner
Issue #5 was marked as a duplicate of this issue.
-
Simply change

    public function query($query) {
        $this->_query = filter_var($query, FILTER_SANITIZE_STRING);
        return $this;
    }

to

    public function query($query, $filtered = false) {
        // Keep the SQL exactly as written unless the caller asks for filtering.
        if ($filtered == false) {
            $this->_query = $query;
        } else {
            $this->_query = filter_var($query, FILTER_SANITIZE_STRING);
        }
        // Return the object in both branches so ->query($sql)->execute() still chains.
        return $this;
    }

Then if you want to filter the query, call ->query($sql, true) for filtered or ->query($sql) for unfiltered.
Personally I don't like my queries filtered, as I check the fields first before setting a query.
-
repo owner - changed status to resolved
The issue has been resolved in version v1.2.6. Thanks @nargotik
-
This is because query() uses filter_var which chokes on the "<". I'd call this a severe bug as it breaks valid SQL, and the comments clearly indicate that this function should execute raw SQL.
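
An added example, not code from this library or from the commenters above: a sketch of the alternative to filtering the whole query string. The SQL text is stored verbatim (so the "<" operator survives), each field is validated on its own, and values are bound as parameters. The class RawQueryDb, the helper requireInt, and the in-memory SQLite table with its rows are hypothetical and constructed for illustration.

```php
<?php
// Hypothetical wrapper for illustration; not the library's own class.
final class RawQueryDb
{
    private PDO $pdo;
    private string $sql = '';

    public function __construct(PDO $pdo)
    {
        $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        $this->pdo = $pdo;
    }

    // Store the SQL text untouched: no string filter is applied to it.
    public function query(string $sql): self
    {
        $this->sql = $sql;
        return $this; // keeps ->query(...)->execute() chaining
    }

    // Values travel separately from the SQL text and are bound by type.
    public function execute(array $params = []): int
    {
        $stmt = $this->pdo->prepare($this->sql);
        foreach ($params as $name => $value) {
            $type = is_int($value) ? PDO::PARAM_INT : PDO::PARAM_STR;
            $stmt->bindValue($name, $value, $type);
        }
        $stmt->execute();
        return $stmt->rowCount();
    }
}

// Validate the individual field instead of sanitizing the whole query.
function requireInt($input): int
{
    $value = filter_var($input, FILTER_VALIDATE_INT);
    if ($value === false) {
        throw new InvalidArgumentException('expected an integer');
    }
    return $value;
}

// Constructed sample data in an in-memory SQLite database.
$pdo = new PDO('sqlite::memory:');
$pdo->exec('CREATE TABLE mytable (myfield INTEGER)');
$pdo->exec('INSERT INTO mytable (myfield) VALUES (3), (9), (10), (42)');
$db = new RawQueryDb($pdo);
$deleted = $db->query('DELETE FROM mytable WHERE myfield < :limit')
              ->execute([':limit' => requireInt('10')]);
echo "rows deleted: $deleted\n";
```

A value such as '0 OR 1=1' passed to requireInt is rejected with an exception before any statement is prepared.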