How to put a SQL request into QueryBuilder and avoid using ``

Time: 2017-06-22 08:29:00

Tags: mysql yii2

I have this SQL request in MySQL

SELECT * FROM pt WHERE id=98 ORDER BY FIELD (position, 4, 3, 2, 1, 5)

I need to make this query in Yii2. When I write

 'query' => Pt::find()->where(['id' => $model->id])
        ->OrderBy('FIELD (`position`, 4, 3, 2, 1, 5)')

I get

SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'LIMIT 20' at line 1
The SQL being executed was: SELECT * FROM `pt` WHERE `id`=98 ORDER BY FIELD (`position`, `4`, `3`, `2`, `1`, `5)` LIMIT 20

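How can I avoid `` in the request?

1 answer:

Answer 0: (score: 2)

Use the yii\db\Expression class, since it lets you insert RAW code (not formatted in the generated query), but be careful! Do not insert user input as RAW into database queries, because it leads to serious vulnerabilities.

Working code follows: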

'query' => Pt::find()->where(['id' => $model->id])
        ->orderBy(new \yii\db\Expression('FIELD (`position`, 4, 3, 2, 1, 5)'))
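An added example, not part of the original answer: if the FIELD() order list ever comes from a request instead of being hard-coded, it can be validated and bound rather than concatenated into the raw expression. `buildFieldOrder()`, `$requested` and the column allow-list are hypothetical names; the sample input is constructed.

```php
<?php
// Added example (not from the original answer). buildFieldOrder() and the
// column allow-list are hypothetical names used for illustration.

/**
 * Build an ORDER BY FIELD(...) fragment from untrusted input.
 * Returns [sql, params]: the SQL holds only an allow-listed column name and
 * named placeholders; the values travel separately as bound parameters.
 */
function buildFieldOrder(string $column, array $values, array $allowedColumns): array
{
    // Identifiers cannot be bound as parameters, so accept known columns only.
    if (!in_array($column, $allowedColumns, true)) {
        throw new InvalidArgumentException('Column not allowed');
    }
    if ($values === []) {
        throw new InvalidArgumentException('Empty order list');
    }
    $placeholders = [];
    $params = [];
    foreach (array_values($values) as $i => $value) {
        // Reject anything that is not a plain integer, e.g. "1) --".
        $int = filter_var($value, FILTER_VALIDATE_INT);
        if ($int === false) {
            throw new InvalidArgumentException('Non-integer value in order list');
        }
        $placeholders[] = ":fieldOrder$i";
        $params[":fieldOrder$i"] = $int;
    }
    $sql = 'FIELD(`' . $column . '`, ' . implode(', ', $placeholders) . ')';
    return [$sql, $params];
}

// Constructed sample input, as it might arrive from a request parameter.
$requested = ['4', '3', '2', '1', '5'];
[$sql, $params] = buildFieldOrder('position', $requested, ['position']);
echo $sql, PHP_EOL;
print_r($params);

// Wiring into the query from the answer (requires Yii2):
// Pt::find()->where(['id' => $model->id])
//     ->orderBy(new \yii\db\Expression($sql))
//     ->addParams($params);
```

The raw expression then contains only text the application generated itself, and the integers reach MySQL as bound parameters through `addParams()`.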