ZF-6517: /zend.db.table.html#zend.db.table.fetch-all should demonstrate use of bind variables

Issue Type: Docs: Improvement Created: 2009-05-04T04:27:55.000+0000 Last Updated: 2009-11-20T12:28:24.000+0000 Status: Resolved Fix version(s): Reporter: Roger Hunwicks (rhunwicks) Assignee: Mickael Perraud (mikaelkael) Tags: - Zend_Db_Table

Related issues: - ZF-6463


Description… draws attention to the new API for Zend_Db_Table::fetchAll which allows passing in a Zend_Db_Table_Select object.

However, the example uses a where clause without a bind variable. This causes Zend_Db_Select to use Zend_Db_Adapter::quoteInto() to substitute the value into the where clause.

It is much better practice to use bind variables, and I suggest changing the example to:

<pre class="highlight">
// Fetching a rowset
$rows = $table->fetchAll('bug_status = "NEW"', 'bug_id ASC', 10, 0);
$rows = $table->fetchAll($table->select()->where('bug_status = :status')
                                         ->order('bug_id ASC')
                                         ->limit(10, 0));

// Fetching a single row
$row = $table->fetchRow('bug_status = "NEW"', 'bug_id ASC');
$row = $table->fetchRow($table->select()->where('bug_status = :status')
                                        ->order('bug_id ASC'));


Posted by Mickael Perraud (mikaelkael) on 2009-11-20T12:28:23.000+0000

Fixed with r19139

Have you found an issue?

See the Overview section for more details.


© 2006-2016 by Zend, a Rogue Wave Company. Made with by awesome contributors.

This website is built using zend-expressive and it runs on PHP 7.