我的laravel 4查询如下:
foreach (Input::get('classrooms') as $keyc=>$valuec) {
foreach (Input::get('subject') as $keys=>$values) {
$valuesArray[] = "('".$valuec."','".$values."')";
}
}
$someVariable = implode(",",$valuesArray);
DB::select( DB::raw("INSERT IGNORE INTO classrooms_subjects (`classroom_id`,`subject_id`) VALUES $someVariable"));
如果这是最安全的方式和任何解决方案,我真的很担心..
我做了一些研究并找到了一种方法,但不确定它是否安全: 如果以下代码是安全的,请告诉我:
$sql = "INSERT INTO classrooms_subjects (".implode(",", $columns).") ";
$sql .= " SELECT ".implode(",", $columns)." FROM classrooms_subjects WHERE id IN (".$toCopy.")";
DB::insert($sql);
答案 0 :(得分:0)
如果您需要绑定一些数据,请尝试这样(根据文档):
DB::insert(
'INSERT IGNORE INTO classrooms_subjects (`classroom_id`,`subject_id`) VALUES (?, ?)',
[$classroomId, $subjectId]
);
您可以在此处使用数组作为secound参数传递数据。