From 37f4b9caa02783e06dd7c5318200113409a0deb1 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Fri, 1 Jul 2011 17:56:50 -0500 Subject: backed out 648b42a75739, which was a NON-trivial whitespace commit. It broke the Typography class's string replacements, for instance --- user_guide/database/queries.html | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) (limited to 'user_guide/database/queries.html') diff --git a/user_guide/database/queries.html b/user_guide/database/queries.html index 685da43dc..f9f96803f 100644 --- a/user_guide/database/queries.html +++ b/user_guide/database/queries.html @@ -68,14 +68,14 @@ Queries $this->db->query('YOUR QUERY HERE');

The query() function returns a database result object when "read" type queries are run, -which you can use to show your results. When "write" type queries are run it simply returns TRUE or FALSE -depending on success or failure. When retrieving data you will typically assign the query to your own variable, like this:

+which you can use to show your results. When "write" type queries are run it simply returns TRUE or FALSE +depending on success or failure. When retrieving data you will typically assign the query to your own variable, like this:

$query = $this->db->query('YOUR QUERY HERE');

$this->db->simple_query();

-

This is a simplified version of the $this->db->query() function. It ONLY returns TRUE/FALSE on success or failure. +

This is a simplified version of the $this->db->query() function. It ONLY returns TRUE/FALSE on success or failure. It DOES NOT return a database result set, nor does it set the query timer, or compile bind data, or store your query for debugging. It simply lets you submit a query. Most users will rarely use this function.

@@ -100,16 +100,16 @@ CodeIgniter has three methods that help you do this:

  1. $this->db->escape() This function determines the data type so that it -can escape only string data. It also automatically adds single quotes around the data so you don't have to: +can escape only string data. It also automatically adds single quotes around the data so you don't have to: $sql = "INSERT INTO table (title) VALUES(".$this->db->escape($title).")";
    2. -
  2. $this->db->escape_str() This function escapes the data passed to it, regardless of type. +
  3. $this->db->escape_str() This function escapes the data passed to it, regardless of type. Most of the time you'll use the above function rather than this one. Use the function like this: $sql = "INSERT INTO table (title) VALUES('".$this->db->escape_str($title)."')";
    4. -
  4. $this->db->escape_like_str() This method should be used when strings are to be used in LIKE +
  5. $this->db->escape_like_str() This method should be used when strings are to be used in LIKE conditions so that LIKE wildcards ('%', '_') in the string are also properly escaped. $search = '20% raise';
    @@ -130,7 +130,7 @@ $this->db->query($sql, array(3, 'live', 'Rick'));

    The question marks in the query are automatically replaced with the values in the array in the second parameter of the query function.

    -

    The secondary benefit of using binds is that the values are automatically escaped, producing safer queries. You don't have to remember to manually escape data; the engine does it automatically for you.

    +

    The secondary benefit of using binds is that the values are automatically escaped, producing safer queries. You don't have to remember to manually escape data; the engine does it automatically for you.

    -- cgit v1.2.3-24-g4f1b