[IPS The Development Channel] 4.0 - Prepared Statements

[NewsBot]

In 4.0, we have made changes to the database class to make use of prepared statements.

 

 

For insert and update queries, the syntax is the same as it always has been:

However, where previously the database class would try to work out the type of variable passed to it - it now binds these to a prepared statement.

 

The real usefulness of this change though, is apparent when you need to use a where clause. Where previously you'd have to do something like this:

You can now do:

We calculate the datatype based on the variable datatype, so previously where you had to do things like $this->DB->setDataType( 'foo', 'string' ) when you wanted to store a value like '01' - ew) - you can now just cast the variable to whatever datatype you like.

For example, if you wanted to ensure that the variable was cast as a string to avoid issues where a user name of '007' was detected as an integer and converted to '7' then you'd use: