Pra*_*ash 7 php mysql sql select symfony
我有以下查询:
$query = $em->createQueryBuilder()
->select('u.id, u.username, u.username_canonical, u.email, u.email_canonical, u.last_login, u.name, u.type, u.phone, u.site, u.agency, u.subtype, u.info, u.created_date, u.vip')
->from('ContrateAdminBundle:Fosuser', 'u')
->where('u.created_date BETWEEN "'.$fromdateaccounts.'" AND "'.$todateaccounts.'" ')
->getQuery();
$results = $query->getResult();
在Symfony中获取用户数据,但是我收到以下错误:
[Syntax Error] line 0, col 223: Error: Expected Literal, got '"'
500 Internal Server Error - QueryException
1 linked Exception: QueryException »
我的查询输出是:
SELECT u.id, u.username, u.username_canonical, u.email, u.email_canonical, u.last_login, u.name, u.type, u.phone, u.site, u.agency, u.subtype, u.info, u.created_date, u.vip
FROM ContrateAdminBundle:Fosuser u
WHERE u.created_date BETWEEN "2014-08-04 13:29" AND "2014-10-30 13:29"
SQL中的字符串文字用单引号表示',而不是双引号",因此您必须通过以下方式替换"查询中的as字符串分隔符':
$query = $em->createQueryBuilder()
->select('u.id, u.username, u.username_canonical, u.email, u.email_canonical, u.last_login, u.name, u.type, u.phone, u.site, u.agency, u.subtype, u.info, u.created_date,u.vip')
->from('ContrateAdminBundle:Fosuser', 'u')
->where('u.created_date BETWEEN \'${fromdateaccounts}\' AND \'{$todateaccounts}\'')
->getQuery();
请使用参数。接受的答案可能会生成 SQL 注入。
->where('u.something = ?1')
->setParameter(1, '')