Reputation: 1335
I have a value in the database like `stackover/'!@#/\;"""'.;\';'./` with all kinds of special characters. Now my problem is: how can I build a query like this?
```php
$linkName = $valueFromDb; // getting from db (the string shown above)
$sql_sm = "SELECT d FROM MyBundle:MyTable d WHERE d.name = '$linkName'";
```
I am getting an error:
```
[Syntax Error] line 0, col 115: Error: Expected end of string, got '\'
```
Upvotes: 1
Views: 2717
Reputation: 34105
Use the placeholder support of Doctrine ORM:
```php
$query = $em->createQuery('SELECT d FROM MyBundle:MyTable d WHERE d.name = ?1');
$query->setParameter(1, $linkName);
$users = $query->getResult();
```
This way you can prevent errors like yours, and what's more important: SQL injection.
Another relevant point in this approach is that the DQL string remains constant. Each time DQL is changed, both the query cache and the result cache keys change, which basically means that you get a huge performance loss.
Upvotes: 3
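As an added example (not code from the answer or from the Doctrine project), here is a small repository method that binds the question's exact value through a named placeholder, so the DQL text stays a constant literal; `MyTableRepository`, `findOneByName` and the `$em` instance are assumed names.

```php
<?php
// Added example: look up a row whose name contains arbitrary special characters.
// Assumes the MyBundle:MyTable entity from the question and an injected
// Doctrine EntityManagerInterface (both taken from the page, not invented here).
use Doctrine\ORM\EntityManagerInterface;

final class MyTableRepository
{
    public function __construct(private EntityManagerInterface $em) {}

    /**
     * The DQL string is a literal: it never changes no matter what $linkName
     * contains, so the query-cache and result-cache keys stay stable, and the
     * value is sent to the driver as a bound parameter rather than being
     * spliced into the statement text.
     */
    public function findOneByName(string $linkName): ?object
    {
        $dql = 'SELECT d FROM MyBundle:MyTable d WHERE d.name = :name';

        return $this->em->createQuery($dql)
            ->setParameter('name', $linkName)
            ->getOneOrNullResult();
    }
}

// Constructed input: the exact value from the question, written as a nowdoc so
// no PHP escaping is involved. Interpolated into the DQL it breaks the parser
// ("Expected end of string, got '\'"); bound as a parameter it is just data.
$linkName = <<<'VALUE'
stackover/'!@#/\;"""'.;\';'./
VALUE;

/** @var EntityManagerInterface $em  (assumption: obtained from your container) */
$row = (new MyTableRepository($em))->findOneByName($linkName);
```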