ZF-11454: Zend_Db is said not to quote the "where", but it does, or at least may, depending on the $where variable

Issue Type: Docs: Problem Created: 2011-06-08T14:11:12.000+0000 Last Updated: 2011-06-08T14:11:12.000+0000 Status: Open Fix version(s): Reporter: Tomáš Fejfar ( Assignee: Ralph Schindler (ralph) Tags: - Zend_Db

Related issues: Attachments:


At… manual states: "Since the table delete() method proxies to the database adapter delete() method, the argument can also be an array of SQL expressions. The expressions are combined as Boolean terms using an AND operator.

Note: The values and identifiers in the SQL expression are not quoted for you. If you have values or identifiers that require quoting, you are responsible for doing this. Use the quote(), quoteInto(), and quoteIdentifier() methods of the database adapter. "

But in fact there is a third option - sending the $where parameter od delete() method as array, that is used for quotation using quoteInto - array('bugs_id = ?' => $bugId);

I suggest adding more info to the Docs along these lines (sorry for my not excelent english):

Note: You can also pass the expressions using and array, that has syntax somewhat simmilar to the Zend_Db_Select's where() method like this: $adapter->delete(array('bugs_id = ?' => $bugId)) Such expressions will be properly escaped using the quoteInto() method.


No comments to display

Have you found an issue?

See the Overview section for more details.


© 2006-2016 by Zend, a Rogue Wave Company. Made with by awesome contributors.

This website is built using zend-expressive and it runs on PHP 7.