mario-deluna
commented
4 years ago Hi there,
$h
->table('posts')
->select()
->where('start_time', 'between', new Expression('2010-01-01 AND 2020-01-01'))
->execute();Will produce the following between query:
select * from `posts` where `start_time` between 2010-01-01 AND 2020-01-01The problem is this way you will loose prepared statements and if you use $_POST directly you have a SQL injection vulnerability.
For now i would just use simple where conditions achieving the same result. But I will keep real between support in my mind for v2.
$h
->table('posts')
->select()
->where(function($q) {
$q->where('start_time', '>', $_POST['start_time']);
$q->where('start_time', '<', $_POST['end_time']);
})
->execute();select * from `posts` where ( `start_time` > ? and `start_time` < ? )
saptarshimondal
Hello ClanCats, first of all thank you for this wonderful library.
I was wondering how can I write "BETWEEN" condition using this library. I have tried this code -
$q->where(new Expression('start_time BETWEEN "'.$_POST['start_time'].'" AND "'.$_POST['end_time'].'" '));But it is generating the query like this -
start_time BETWEEN "<start_time>" AND "<end_time>" = ?I just want to know how can I write raw query inside of where clause ? Just like laravel "whereRaw()". If this is not possible please implement it, because it is very important feature for this library. Thanks.