\Yii::$app->db ->createCommand("UPDATE user SET first_name = 'Tom' WHERE id = " . $_GET['id']) ->execute();
\Yii::$app->db ->createCommand("UPDATE user SET first_name = :name WHERE id = :id)
->bindValue(':name', 'Tom')
->bindValue(':id', $_GET['id'])
->execute();
Alternatively, we can use the bindValues() method to bind several parameters into a
single call:
\Yii::$app->db ->createCommand("UPDATE user SET first_name = :name WHERE id = :id)
->bindValues([ ':name' => 'Tom', ':id' => $_GET['id'] ])
->execute();
For convenience, the previous query can be rewritten so that the parameters are in line
with the createCommand() method:
$params = [ ':name' => 'Tom', ':id' => $_GET['id'] ];
\Yii::$app->db ->createCommand("UPDATE user SET first_name = :name WHERE id = :id, $params) ->execute();
No hay comentarios:
Publicar un comentario