I am dissecting some code and came across this,
    $sql = 'SELECT page.*, author.name AS author, updator.name AS updator '
         . 'FROM '.TABLE_PREFIX.'page AS page '
         . 'LEFT JOIN '.TABLE_PREFIX.'user AS author ON author.id = page.created_by_id '
         . 'LEFT JOIN '.TABLE_PREFIX.'user AS updator ON updator.id = page.updated_by_id '
         . 'WHERE slug = ? AND parent_id = ? AND (status_id='.Page::STATUS_REVIEWED
         . ' OR status_id='.Page::STATUS_PUBLISHED
         . ' OR status_id='.Page::STATUS_HIDDEN.')';
I am wondering what the "?" does in the WHERE statement. Is it some sort of parameter holder?
You might be looking at Prepared Statements in JDBC or something. In that case, the question marks are placeholders for parameters to the statement.
The WHERE clause is used to filter records. It is used to extract only those records that fulfill a specified condition.
The LIKE operator is used in a WHERE clause to search for a specified pattern in a column.
The SELECT statement is used to select data from a database. The data returned is stored in a result table, called the result-set.
Prepared statements use the '?' in MySQL to allow for binding params to the statement. Highly regarded as more secure against SQL injections if used properly. This also allows for quicker SQL queries as the request only has to be compiled once and can be reused.
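How the two `?` placeholders in a query like the one in the question get their values at execution time, as an added example that is not part of the original thread. It uses PDO with an in-memory SQLite database; the table layout, the sample rows, the `findPages` helper and the `STATUS_PUBLISHED` constant are assumptions made for illustration.

```php
<?php
// Added example: schema, rows and names below are constructed for illustration.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE page (id INTEGER PRIMARY KEY, slug TEXT, parent_id INTEGER, status_id INTEGER)');
$pdo->exec("INSERT INTO page (slug, parent_id, status_id) VALUES
    ('about', 1, 100), ('drafts', 1, 1), ('contact', 1, 100)");

// Hypothetical constant standing in for Page::STATUS_PUBLISHED.
const STATUS_PUBLISHED = 100;

// Trusted, code-defined constants may be concatenated into the SQL text.
// Values that come from a request are left as "?" and bound later.
$sql = 'SELECT id, slug FROM page '
     . 'WHERE slug = ? AND parent_id = ? AND status_id = ' . STATUS_PUBLISHED;

// The statement is parsed once here, with two open parameter slots.
$stmt = $pdo->prepare($sql);

function findPages(PDOStatement $stmt, string $slug, int $parentId): array
{
    // Positional binding: the first "?" receives $slug, the second $parentId.
    $stmt->bindValue(1, $slug, PDO::PARAM_STR);
    $stmt->bindValue(2, $parentId, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Ordinary lookup, then reuse of the same prepared statement with new values.
var_dump(findPages($stmt, 'about', 1));
var_dump(findPages($stmt, 'contact', 1));

// A value containing quote characters and SQL keywords is still sent as data.
// It is compared against slug as one literal string, so the WHERE clause
// keeps its structure and no row matches.
var_dump(findPages($stmt, "about' OR '1'='1", 1));
```

The status constants in the original query are concatenated rather than bound, which is safe only because they are fixed in code; anything derived from user input belongs in a placeholder.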