What does the colon before a word in a SQL statement mean?
What does it mean to use ":" before a variable? For example, :userId in this code:
    public function removeUser($userId)
    {
        $command = Yii::app()->db->createCommand();
        $command->delete(
            'tbl_project_user_assignment',
            'user_id=:userId AND project_id=:projectId',
            array(':userId'=>$userId, ':projectId'=>$this->id));
    }
This is PHP, MySQL code in the Yii framework.
Recommended answer
The colon is a common character that indicates a placeholder for a variable value in a SQL statement. In this case, those placeholders are getting replaced by the values of userId and project_id at runtime. This is great for avoiding SQL injection vulnerabilities.
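The difference the answer describes, as an added example that is not part of the original post: the same DELETE is run once with the value pasted into the SQL text and once with :userId and :projectId bound, using plain PDO, which Yii's database layer is built on. The in-memory SQLite database, the sample rows and the hostile input value are constructed for illustration.

```php
<?php
// Added example: constructed table and rows in an in-memory SQLite database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

function resetTable(PDO $db): void
{
    $db->exec('DROP TABLE IF EXISTS tbl_project_user_assignment');
    $db->exec('CREATE TABLE tbl_project_user_assignment (user_id INTEGER, project_id INTEGER)');
    $db->exec('INSERT INTO tbl_project_user_assignment VALUES (1, 10), (2, 10), (3, 10)');
}

function countRows(PDO $db): int
{
    return (int) $db->query('SELECT COUNT(*) FROM tbl_project_user_assignment')->fetchColumn();
}

// Constructed input: a "user id" that carries SQL syntax instead of a number.
$userId = '1 OR 1=1';
$projectId = 10;

// Unsafe: the value becomes part of the SQL text, so the database parses
// "OR 1=1" as part of the WHERE clause and every row of project 10 matches.
resetTable($db);
$db->exec("DELETE FROM tbl_project_user_assignment WHERE user_id=$userId AND project_id=$projectId");
echo 'concatenated: rows left = ' . countRows($db) . PHP_EOL;

// Safe: the statement is prepared with named placeholders first; the values
// are sent separately and are only ever treated as data, never as SQL.
resetTable($db);
$stmt = $db->prepare(
    'DELETE FROM tbl_project_user_assignment WHERE user_id=:userId AND project_id=:projectId'
);
$stmt->execute([':userId' => $userId, ':projectId' => $projectId]);
echo 'bound, hostile value: rows left = ' . countRows($db) . PHP_EOL;

// The same prepared statement with an ordinary value removes exactly one row.
$stmt->execute([':userId' => 2, ':projectId' => $projectId]);
echo 'bound, user 2: rows left = ' . countRows($db) . PHP_EOL;
```

A bound value is still compared using the database's own type rules, so validating that $userId is an integer before the call remains worthwhile.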