...
Parameter | Description |
---|---|
$where | Takes the update's |
$limit | You can limit the number of records that you will update. |
Note |
---|
|
delete()
Method signature: delete($table, $where = '', $limit = 0, $use_cache = true, $add_prefix = true)
.
...
Code Block |
---|
DELETE FROM `prefix_target_table` WHERE myField < 15 LIMIT 3 |
Note |
---|
|
execute()
Method signature: execute($sql, $use_cache = 1)
.
...
Tip |
---|
You should use |
Note |
---|
|
query()
Method signature: query($sql)
.
...
Code Block |
---|
$sql = 'SELECT * FROM '._DB_PREFIX_.'shop'; if ($results = Db::getInstance()->ExecuteS($sql)) foreach ($results as $row) echo $row['id_shop'].' :: '.$row['name'].'<br />'; |
Note |
---|
|
getRow()
Method signature: getRow($sql, $use_cache = 1)
.
...
Code Block |
---|
$sql = 'SELECT * FROM '._DB_PREFIX_.'shop WHERE id_shop = 42’; if ($row = Db::getInstance()->getRow($sql)) echo $row['id_shop'].' :: '.$row['name']; |
Note |
---|
|
getValue()
Method signature: getValue($sql, $use_cache = 1)
.
...
Insert_ID()
: returns the ID created during the latestINSERT
query.Affected_Rows()
: returns the number of lines impacted by the latestUPDATE
orDELETE
query.getMsgError()
: returns the latest error message, if the query has failed.getNumberError()
: returns the latest error number, if the query has failed.
Security
Note that none of the above methods escape the query itself. You will have to do that using either pSQL()
or bqSQL()
.
pSQL()
is an alias for Db::getInstance()->escape($string, $htmlOK);
It has the following PHPDoc comment:
Code Block |
---|
/**
* Sanitize data which will be injected into SQL query
*
* @param string $string SQL data which will be injected into SQL query
* @param bool $htmlOK Does data contain HTML code ? (optional)
* @return string Sanitized data
*/ |
It accepts a string that will be sanitized by the function. If your string contains HTML-code, be sure to pass the argument $htmlOK = true
as well.
bqSQL()
can also be used. Note that besides escaping the `
character, it also calls pSQL()
afterwards, but without the option to sanitize HTML.