Basic functions - adampatterson/Dingo-Framework GitHub Wiki

Simple SQL Query

This is all you have to do to make a simple SQL query with Dingo:

$data = db::query('SELECT * FROM `my_table`');

The data from the SELECT query above is returned in a multidimensional array of objects and could be accessed - for example - in the following way:

foreach($data as $row)
{
  echo $row->my_column.'<br/>';
}

You can make any other kind of SQL queries as well:

db::query("DELETE FROM `my_table` WHERE `id`='123456'");

Cleaning User Form Data

Before using user form data in a SQL query you should always clean it to prevent any possible SQL Injection attacks. Here's how you do it in Dingo:

// Get the user's form data
$unsafe_data = input::post('username');

// Clean the user's data and surround it with quotes
$safe_data = db::quote($unsafe_data);

// Use it in a query
$results = db::query("SELECT * FROM `users` WHERE `username`=$safe_data");

Note: it is still possible to use db::clean() instead of db::quote(), but it is highly discouraged to do so.

Basic functions - adampatterson/Dingo-Framework GitHub Wiki

Simple SQL Query

Cleaning User Form Data

⚠️ **GitHub.com Fallback** ⚠️

⚠️ GitHub.com Fallback ⚠️