要執行一個SQL查詢,應該遵循以下步驟 -
-
創建一個 yii\db\Command 的 SQL查詢命令
-
綁定參數(非必須)
-
執行命令
第1步 - 創建一個 actionTestDb()方法在 SiteController 控制器中。
public function actionTestDb(){
// return a set of rows. each row is an associative array of column names and values.
// an empty array is returned if the query returned no results
$users = Yii::$app->db->createCommand('SELECT * FROM user LIMIT 5')
->queryAll();
var_dump($users); echo '<hr/>';
// return a single row (the first row)
// false is returned if the query has no result
$user = Yii::$app->db->createCommand('SELECT * FROM user WHERE id=1')
->queryOne();
var_dump($user);echo '<hr/>';
// return a single column (the first column)
// an empty array is returned if the query returned no results
$userName = Yii::$app->db->createCommand('SELECT name FROM user')
->queryColumn();
var_dump($userName); echo '<hr/>';
// return a scalar value
// false is returned if the query has no result
$count = Yii::$app->db->createCommand('SELECT COUNT(*) FROM user')
->queryScalar();
var_dump($count);
}
上述例子演示從一個資料庫中獲取數據的幾種方法。
第2步 - 在流覽器打開URL地址:http://localhost:8080/index.php?r=site/test-db ,會看到輸出如下圖所示。
創建一個 SQL命令
要創建使用參數的 SQL 命令,應該始終使用綁定參數的方法來防止SQL注入攻擊。
第1步 - 修改 actionTestDb() 方法使用以以下的方式。
public function actionTestDb() {
$firstUser = Yii::$app->db->createCommand('SELECT * FROM user WHERE id = :id')
->bindValue(':id', 1)
->queryOne();
var_dump($firstUser);echo '<hr/>';
$params = [':id' => 2, ':name' => 'User2'];
$secondUser = Yii::$app->db->createCommand('SELECT * FROM user WHERE
id = :id AND name = :name')
->bindValues($params)
->queryOne();
var_dump($secondUser);echo '<hr/>';
//another approach
$params = [':id' => 3, ':name' => 'User3'];
$thirdUser = Yii::$app->db->createCommand('SELECT * FROM user WHERE
id = :id AND name = :name', $params)
->queryOne();
var_dump($thirdUser);
}
在上面的代碼中 -
-
bindValue() − 綁定單個參數值
-
bindValues() − 綁定多個參數值
INSERT, UPDATE 和 DELETE 查詢
對於INSERT,UPDATE和DELETE查詢,可調用 insert(), update() 和 delete() 方法。
第1步 - 修改 actionTestDb() 方法並使用以下代碼:
public function actionTestDb() {
// INSERT (table name, column values)
Yii::$app->db->createCommand()->insert('user', [
'name' => 'My New User',
'email' => 'mynewuser@gmail.com',
])->execute();
$user = Yii::$app->db->createCommand('SELECT * FROM user WHERE name = :name')
->bindValue(':name', 'My New User')
->queryOne();
var_dump($user);echo '<hr/>';
// UPDATE (table name, column values, condition)
Yii::$app->db->createCommand()->update('user', ['name' => 'My New User
Updated'], 'name = "My New User"')->execute();
$user = Yii::$app->db->createCommand('SELECT * FROM user WHERE name = :name')
->bindValue(':name', 'My New User Updated')
->queryOne();
var_dump($user);echo '<hr/>';
// DELETE (table name, condition)
Yii::$app->db->createCommand()->delete('user', 'name = "My New User
Updated"')->execute();
$user = Yii::$app->db->createCommand('SELECT * FROM user WHERE name = :name')
->bindValue(':name', 'My New User Updated')
->queryOne();
var_dump($user);
}
第2步 - 在流覽器打開URL地址:http://localhost:8080/index.php?r=site/test-db,會看到輸出如下圖所示。
