Menu
When using string interpolation, sprintf or generally any form of dynamically creating an SQL query string, PhpStorm usually trips up. For example:
$placeholders = join(', ', array_fill(0, count($ids), '?'));
$stmt = $db->prepare("SELECT * FROM foo WHERE bar IN ($placeholders)");
$stmt->execute($ids);
or:
$db->prepare(sprintf('INSERT .. (%s) ..', $foo))
These understandably trigger some sort of SQL syntax error warning in PhpStorm. Is there any way to suppress those without outright disabling SQL language parsing?
626
String interpolation is just a syntax sugar for formatting string. It gives you no protection against SQL injection. You should use SQL parameters to provide values for your query.
This SQL error generally means that somewhere in the query, there is invalid syntax. Some common examples: Using a database-specific SQL for the wrong database (eg BigQuery supports DATE_ADD, but Redshift supports DATEADD) Typo in the SQL (missing comma, misspelled word, etc)
SQLInterpolation is an SQL builder which uses String interpolation since Scala 2.10. The usage is pretty simple - just embedding values into sql"“ template without #bind or #bindByName .
I found the definitive answer to this problem from Jetbrains Blog:
http://blog.jetbrains.com/phpstorm/2014/11/database-language-injection-configuration/
You need to add \%\w+. in your Tools > Database section.
68
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
