如何逃避原则中的单引号 [英] How to escape single quotes in Doctrine

问题描述

这是关于教义的一个非常基本的问题。单引号如何转义？

例如，标题需要被转义，因为它包含一个单引号：

  $ query = $ this-> entityManager-> 
 createQuery（SELECT p from \RTH\Entity\Prod p 
 JOIN p.prodns ps 
 JOIN ps.events e 
 WHERE p.title ='。 $ title。'）; 
  

在Doctrine 2中是否有具体的方法？

解决方案

尝试使用准备语句
http://docs.doctrine-project.org/projects/doctrine-dbal/en/latest/reference/data -retrieval-and-manipulation.html＃using-prepared-statements

This is a very basic quesiton about Doctrine. How are single quotes escaped?

For example, title needs to be escaped as it contains a single quote:

    $query = $this->entityManager->
            createQuery("SELECT p  from \RTH\Entity\Prod p
                         JOIN p.prodns ps
                         JOIN ps.events e
                         WHERE p.title = '" . $title . "'");

Is there a specific way to do this in Doctrine 2?

解决方案

Try using prepared statements http://docs.doctrine-project.org/projects/doctrine-dbal/en/latest/reference/data-retrieval-and-manipulation.html#using-prepared-statements

这篇关于如何逃避原则中的单引号的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！