...
The method cDb::query() became much more flexible and can now be called in different variants with different parameter lists.
...
```php
// query(string $statement [, mixed $args [, mixed $... ]])
$db->query('SELECT * FROM `%s` WHERE idart = %d AND idlang = %d', $cfg['tab']['art_lang'], $idart, $idlang);
if ($db->nextRecord()) {
    echo $db->f('title');
}
```

In this example the method is called with four parameters. Make sure that each formatting instruction (e.g. %s) has exactly one parameter supplying its value.
...
With this variant, strings no longer have to be escaped manually (cSecurity::escapeDB()) and integer values no longer have to be cast (cSecurity::toInteger()). This is handled automatically, and the code becomes more concise and more readable.
3. Variant
Another variant is to call cDb::query() with exactly two parameters: the SQL statement as a format string, as in the second variant, and, as the second parameter, an index-based array containing all values that should be substituted for the formatting instructions in the statement.
```php
// query(string $statement, array $values)
$values = array($cfg['tab']['art_lang'], $idart, $idlang);
$db->query('SELECT * FROM `%s` WHERE idart = %d AND idlang = %d', $values);
```
Compared to the second variant, all values are simply passed together as an array; there is no difference in behaviour.
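To make the behaviour described for the second and third variants concrete, here is a stand-alone sketch of a format-string query builder that accepts both call styles, checks that every specifier has exactly one value, casts `%d` values to integers and escapes `%s` values. It is an added example, not CONTENIDO's cDb code; `prepareStatement()`, `escapeString()` and the sample table name are hypothetical.

```php
<?php
// Added illustration only: NOT CONTENIDO's cDb implementation.
// prepareStatement() and escapeString() are hypothetical names.

// Accepts both call styles shown on the page:
//   prepareStatement($sql, $a, $b)  or  prepareStatement($sql, array($a, $b))
function prepareStatement(string $statement, ...$args): string
{
    if (count($args) === 1 && is_array($args[0])) {
        $args = array_values($args[0]);       // array variant: unpack the values
    }
    // Each %s / %d needs exactly one value (%% is a literal percent sign).
    $expected = preg_match_all('/%[sd]/', str_replace('%%', '', $statement));
    if ($expected !== count($args)) {
        throw new InvalidArgumentException(
            "Statement has $expected specifiers but " . count($args) . ' values were given'
        );
    }
    $i = 0;
    return preg_replace_callback('/%%|%[sd]/', function (array $m) use ($args, &$i) {
        if ($m[0] === '%%') {
            return '%';
        }
        $value = $args[$i++];
        if ($m[0] === '%d') {
            return (string) (int) $value;     // integer cast drops any non-numeric tail
        }
        return escapeString((string) $value); // string values are escaped, never raw
    }, $statement);
}

// Stand-in for a connection-aware escaper such as mysqli::real_escape_string();
// addslashes() is used here only so the sketch runs without a database.
function escapeString(string $value): string
{
    return addslashes($value);
}

// Constructed sample values; both calls build the same statement.
$sql = 'SELECT * FROM `%s` WHERE idart = %d AND idlang = %d';
echo prepareStatement($sql, 'con_art_lang', '5 OR 1=1', 1), PHP_EOL;
echo prepareStatement($sql, array('con_art_lang', 5, 1)), PHP_EOL;
```

Neither `addslashes()` nor `mysqli::real_escape_string()` escapes backticks, so a `%s` in identifier position (the table name above) should only receive trusted values such as the `$cfg['tab']` entry the page uses.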