The database connection interface specifies how a database connection should look and act.
OxidEsales\EshopCommunity\Core\Database\Adapter\DatabaseInterface::execute |
( |
|
$query, |
|
|
|
$parameters = [] |
|
) |
| |
Execute non read statements like INSERT, UPDATE, DELETE and return the number of rows affected by the statement. This method has to be used EXCLUSIVELY for non read statements.
IMPORTANT: You are strongly encouraged to use prepared statements like this: $resultSet = DatabaseProvider::getDb->execute( 'DELETE * FROM mytable
WHERE id
= ? OR id
= ?', array($id1, $id2) ); If you do not use prepared statements, you MUST quote variables the values with quote(), otherwise you create a SQL injection vulnerability.
- Parameters
-
string | $query | The sql select statement to be executed. |
array | $parameters | The parameters array. |
- Exceptions
-
- Returns
- integer Number of rows affected by the SQL statement
OxidEsales\EshopCommunity\Core\Database\Adapter\DatabaseInterface::getAll |
( |
|
$query, |
|
|
|
$parameters = [] |
|
) |
| |
Get an multi-dimensional array of arrays with the values of the all rows of a given sql SELECT or SHOW statement. Returns an empty array for any other statement.
The keys of the first level array are numeric. The keys of the second level arrays may be numeric, strings or both, depending on the FETCH_MODE_* of the connection. Set the desired fetch mode with DatabaseInterface::setFetchMode() before calling this method.
IMPORTANT: You are strongly encouraged to use prepared statements like this: $result = DatabaseProvider::getDb->getAll( 'SELECT * FROM ´mytable´ WHERE ´id´ = ? OR ´id´ = ? LIMIT 0, 1', array($id1, $id2) ); If you do not use prepared statements, you MUST quote variables the values with quote(), otherwise you create a SQL injection vulnerability.
- Parameters
-
string | $query | If parameters are given, the "?" in the string will be replaced by the values in the array |
array | $parameters | Array of parameters, for the given sql statement. |
- See also
- DatabaseInterface::setFetchMode()
-
Doctrine::$fetchMode
- Exceptions
-
OxidEsales\EshopCommunity\Core\Database\Adapter\DatabaseInterface::getCol |
( |
|
$query, |
|
|
|
$parameters = [] |
|
) |
| |
Return the first column of all rows of the results of a given sql SELECT or SHOW statement as an numeric array. Throws an exception for any other statement.
IMPORTANT: You are strongly encouraged to use prepared statements like this: $result = DatabaseProvider::getDb->getRow( 'SELECT * FROM ´mytable´ WHERE ´id´ = ? LIMIT 0, 1', array($id1) ); If you do not use prepared statements, you MUST quote variables the values with quote(), otherwise you create a SQL injection vulnerability.
- Parameters
-
string | $query | The sql select statement to be executed. |
array | $parameters | The parameters array. |
- Exceptions
-
- Returns
- array The values of the first column of a corresponding sql query.
OxidEsales\EshopCommunity\Core\Database\Adapter\DatabaseInterface::getRow |
( |
|
$query, |
|
|
|
$parameters = [] |
|
) |
| |
Get an array with the values of the first row of a given sql SELECT or SHOW statement . Returns an empty array for any other statement. The returned value depends on the fetch mode.
- See also
- DatabaseInterface::setFetchMode() for how to set the fetch mode
The keys of the array may be numeric, strings or both, depending on the FETCH_MODE_* of the connection. Set the desired fetch mode with DatabaseInterface::setFetchMode() before calling this method.
NOTE: Although you might pass any SELECT or SHOW statement to this method, try to limit the result of the statement to one single row, as the rest of the rows is simply discarded.
IMPORTANT: You are strongly encouraged to use prepared statements like this: $result = DatabaseProvider::getDb->getOne( 'SELECT ´id´ FROM ´mytable´ WHERE ´id´ = ? LIMIT 0, 1', array($id1) ); If you do not use prepared statements, you MUST quote variables the values with quote(), otherwise you create a SQL injection vulnerability.
- Parameters
-
string | $query | The sql select statement to be executed. |
array | $parameters | Array of parameters, for the given sql statement. |
- Returns
- array The row, we selected with the given sql statement.
OxidEsales\EshopCommunity\Core\Database\Adapter\DatabaseInterface::quote |
( |
|
$value | ) |
|
Quote a string or a numeric value in a way, that it might be used as a value in a sql statement. Returns false for values that cannot be quoted.
NOTE: It is not safe to use the return value of this function in a query. There will be no risk of SQL injection, but when the statement is executed and the value could not have been quoted, a DatabaseException is thrown. You are strongly encouraged to always use prepared statements instead of quoting the values on your own. E.g. use $resultSet = DatabaseProvider::getDb->select( 'SELECT * FROM ´mytable´ WHERE ´id´ = ? OR ´id´ = ?', array($id1, $id2) ); instead of $resultSet = DatabaseProvider::getDb->select( 'SELECT * FROM ´mytable´ WHERE ´id´ = ' . DatabaseProvider::getDb->quote($id1) . ' OR ´id´ = ' . DatabaseProvider::getDb->quote($id1) );
- Parameters
-
mixed | $value | The string or numeric value to be quoted. |
- Returns
- false|string The given string or numeric value converted to a string surrounded by single quotes or set to false, if the value could not have been quoted.
OxidEsales\EshopCommunity\Core\Database\Adapter\DatabaseInterface::quoteArray |
( |
|
$array | ) |
|
Quote every value in a given array in a way, that it might be used as a value in a sql statement and return the result as a new array. Numeric values will be converted to strings which quotes. The keys and their order of the returned array will be the same as of the input array.
NOTE: It is not safe to use the return value of this function in a query. There will be no risk of SQL injection, but when the statement is executed and the value could not have been quoted, a DatabaseException is thrown. You are strongly encouraged to always use prepared statements instead of quoting the values on your own.
- Parameters
-
array | $array | The strings to quote as an array. |
- Returns
- array Array with all string and numeric values quoted with single quotes or set to false, if the value could not have been quoted.
OxidEsales\EshopCommunity\Core\Database\Adapter\DatabaseInterface::select |
( |
|
$query, |
|
|
|
$parameters = [] |
|
) |
| |
Return the results of a given sql SELECT or SHOW statement as a ResultSet. Throws an exception for any other statement.
The values of first row of the result may be via resultSet's fields property. This property is an array, which keys may be numeric, strings or both, depending on the FETCH_MODE_* of the connection. All further rows can be accessed via the specific methods of ResultSet.
IMPORTANT: You are strongly encouraged to use prepared statements like this: $resultSet = DatabaseProvider::getDb->select( 'SELECT * FROM ´mytable´ WHERE ´id´ = ? OR ´id´ = ?', array($id1, $id2) ); If you do not use prepared statements, you MUST quote variables the values with quote(), otherwise you create a SQL injection vulnerability.
- Parameters
-
string | $query | The sql select statement to be executed. |
array | $parameters | The parameters array for the given query. |
- Exceptions
-
DatabaseErrorException | The exception, that can occur while executing the sql statement. |
- Returns
- \OxidEsales\Eshop\Core\Database\Adapter\ResultSetInterface The result of the given query.
OxidEsales\EshopCommunity\Core\Database\Adapter\DatabaseInterface::selectLimit |
( |
|
$query, |
|
|
|
$rowCount = -1 , |
|
|
|
$offset = 0 , |
|
|
|
$parameters = [] |
|
) |
| |
Return the results of a given sql SELECT or SHOW statement limited by a LIMIT clause as a ResultSet. Throws an exception for any other statement.
The values of first row of the result may be via resultSet's fields property. This property is an array, which keys may be numeric, strings or both, depending on the FETCH_MODE_* of the connection. All further rows can be accessed via the specific methods of ResultSet.
IMPORTANT: You are strongly encouraged to use prepared statements like this: $resultSet = DatabaseProvider::getDb->selectLimit( 'SELECT * FROM ´mytable´ WHERE ´id´ = ? OR ´id´ = ?', $rowCount, $offset, array($id1, $id2) ); If you do not use prepared statements, you MUST quote variables the values with quote(), otherwise you create a SQL injection vulnerability.
- Parameters
-
string | $query | The sql select statement to be executed. |
int | $rowCount | Maximum number of rows to return |
int | $offset | Offset of the first row to return |
array | $parameters | The parameters array. |
- Exceptions
-
DatabaseErrorException | The exception, that can occur while executing the sql statement. |
- Returns
- ResultSetInterface The result of the given query.
OxidEsales\EshopCommunity\Core\Database\Adapter\DatabaseInterface::setConnectionParameters |
( |
array |
$connectionParameters | ) |
|
Set the necessary connection parameters to connect to the database. The parameter array must at least contain the key 'default'. E.g. [ 'default' => [ 'databaseDriver' => '', // string At the moment only 'pdo_mysql' is supported 'databaseHost' => '', // string 'databasePort' => '', // integer Optional, defaults to port 3306 'databaseName' => '', // string 'databaseUser' => '', // string 'databasePassword' => '', // string 'connectionCharset' => '', // string Optional, defaults to the servers connection character set ] ]
- Parameters
-
array | $connectionParameters | |
OxidEsales\EshopCommunity\Core\Database\Adapter\DatabaseInterface::setFetchMode |
( |
|
$fetchMode | ) |
|
Set the fetch mode of an open database connection.
After the connection has been opened, this method may be used to set the fetch mode to any of the valid fetch modes as defined in DatabaseInterface::FETCH_MODE_*
NOTE: This implies, that it is not safe to make any assumptions about the current fetch mode of the connection.
- Parameters
-
int | $fetchMode | See DatabaseInterface::FETCH_MODE_* for valid values |
OxidEsales\EshopCommunity\Core\Database\Adapter\DatabaseInterface::setTransactionIsolationLevel |
( |
|
$level | ) |
|
Note: This method is MySQL specific, as we use the MySQL syntax for setting the transaction isolation level.
- See also
- Doctrine::transactionIsolationLevelMap
- Returns
- bool|integerSet the transaction isolation level. Allowed values 'READ UNCOMMITTED', 'READ COMMITTED', 'REPEATABLE READ' and 'SERIALIZABLE'.
NOTE: Currently the transaction isolation level is set on the database session and not globally. Setting the transaction isolation level globally requires root privileges in MySQL an this application should not be executed with root privileges. If you need to set the transaction isolation level globally, ask your database administrator to do so,
- Parameters
-
string | $level | The transaction isolation level |
- Exceptions
-