我搜索网但我找不到解决问题的方法, 我是Codeigniter开发人员,现在我在Laravel开始了一个项目
我在Codeigniter Active记录中的查询是这样的:
public function show_brt($id = 0,$tax_cat_id,$lang="en")
{
$records = $this->db
->select('
t1.id,
t1.date_received,
t1.customer_name,
t1.memo,
t1.percent_tax_withheld,
t1.gross_invoice_amount,
t1.tax_amount_withheld,
t1.net_amount_received,
t1.tax_payment_date,
t2.rate,
t3.name_' . $lang. ' AS deposit_account'
)
->from('brt AS t1')
->join('exchange_rate AS t2', 't2.id = t1.exchange_rate_id','left')
->join('balance_sheet_accounts AS t3', 't3.id = t1.deposit_account_id','left')
->where('t1.income_statement_account_id', $id)
->where('t1.tax_cat_id',$tax_cat_id)
->where('t1.company_id', $this->session->userdata('company_id'))
->where('t1.fiscal_year_id', $this->session->userdata('fiscal_year_id'))
->where('t1.user_id', $this->m_auth->get_user_id())
->get();
if ($records->num_rows() > 0) {
return $records;
}
}
任何人都可以帮助我,我怎样才能像Laravel Eloquent或Fluent中的sql注入那样安全地编写这些查询。
答案 0 :(得分:2)
试试这段代码:我基本上来自CI。我做了一次迁移。这可能不是最佳解决方案。我没有测试。
DB::table('brt AS t1')
->select('t1.id,
t1.date_received,
t1.customer_name,
t1.memo,
t1.percent_tax_withheld,
t1.gross_invoice_amount,
t1.tax_amount_withheld,
t1.net_amount_received,
t1.tax_payment_date,
t2.rate,
t3.name_' . $lang. ' AS deposit_account'
)
->leftjoin('exchange_rate AS t2', 't2.id', '=', 't1.exchange_rate_id')
->leftjoin('balance_sheet_accounts AS t3', 't3.id', '=', 't1.deposit_account_id')
->where('t1.income_statement_account_id', '=',$id)
->where('t1.income_statement_account_id','=', $id)
->where('t1.tax_cat_id','=',$tax_cat_id)
->where('t1.company_id','=', $this->session->userdata('company_id'))
->where('t1.fiscal_year_id','=', $this->session->userdata('fiscal_year_id'))
->where('t1.user_id','=', $this->m_auth->get_user_id())
->get();