我正在使用代码点火器来使用一些查询,这是我的代码到目前为止,我的代码是否正确?已解决在SQL查询中插入PHP variabel Codeigniter
$this->db->select("(SELECT SUM(grand_total) FROM Sales_order WHERE member = '2') - (SELECT SUM(amount) FROM payment WHERE member_id = '2') AS total_sales");
以及如何更改号码2本variabel $这 - >会话级>用户数据( 'ID')
谢谢你们
试试这个
$this->db->select("(SELECT SUM(grand_total) FROM Sales_order WHERE member = '".$this->session->userdata('ID')."') - (SELECT SUM(amount) FROM payment WHERE member_id = '".$this->session->userdata('ID')."') AS total_sales"');
sql注入? –
不,它只是SUM查询我的应用程序 –
谢谢你,配合它的工作:),很好! –
你可以使用Query Bindings像下面这样自动转义它:
$sql = "(SELECT SUM(grand_total) FROM Sales_order WHERE member = '?') - (SELECT SUM(amount) FROM payment WHERE member_id = '?') AS total_sales";
$this->db->query($sql, array($this->session->userdata('ID'),$this->session->userdata('ID')));
感谢队友,这将是我的替代:) –
from doc https://www.codeigniter.com/userguide3/database/queries.html#query-bindings –
谢谢@HoàngĐăng我会检查一下:) –