2013-06-13

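I have this query and I want to write it with CDbCriteria. Can it be written with CDbCriteria? I don't know how to write this query using CDbCriteria in the Yii framework. Can this query be written in CDbCriteria (Yii Framework)?

Thank you for your time.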

$opt=''; 
    if(!empty($roomtype)) 
    { 
     $opt .= " AND id_room_type = ".$roomtype; 
    } 
    if(empty($children)) 
    { 
     $opt .= " AND c.childrenFriendly = 1 "; 
     $capacity = $adults + $children; 
    } 
    else { 
     $capacity = $adults; 
    } 
    if(!empty($seaview)) 
    { 
     $opt .= " AND c.seaview = 1 "; 
    } 
    if(!empty($smoking)) 
    { 
     $opt .= " AND c.smoking = 1 "; 
    } 
    if(!empty($king_beds)) 
    { 
     $opt .= " AND c.king_beds >= 1 "; 
    } 

    $qry = RoomType::model()->findAllBySql(" 
     SELECT (number_of_rooms) AS total, id_room_type, c.reservation, c.start, c.end, childrenFriendly, smoking, king_beds, capacity, 
     SUM(number_of_rooms - IFNULL(c.reservation, 0)) AS result 
     FROM room_type 
     LEFT JOIN (
      SELECT fk_room_type, COUNT(fk_room_type) AS reservation, start ,end 
      FROM room_type_reservation 
      WHERE 
      (end > '".$start->asSql()."' AND start < '".$end->asSql()."') OR 
      (start < '".$end->asSql()."' AND end < '".$start->asSql()."') 
      GROUP BY fk_room_type 
     )c ON id_room_type = fk_room_type 
     WHERE enabled = 1 AND capacity > ".$capacity." ". $opt ." 
      GROUP BY id_room_type 
      HAVING result > ".$number_of_rooms." 
    "); 
    return $qry; 

Answers


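When you read the documentation laser_wizard referenced, pay particular attention to scopes. In programming, they are not the kind of scope you might imagine. Instead, they are a way to add predefined expressions to the where clause. You may also want to consider using parameter markers instead of variable names in your SQL. Doing so will help prevent SQL injection.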


Thanks for your answer. I know this script is open to injection!
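
The query from the question expressed as a CDbCriteria with parameter markers, as the answer suggests. This is an added example, not code posted by anyone in the thread; it assumes Yii 1.1, the RoomType model and column names from the question, and the function name `findAvailableRoomTypes` is hypothetical.

```php
<?php
// Added example, not code from the thread. Assumes Yii 1.1, the RoomType model
// and column names from the question, and that the flag columns belong to
// room_type (alias t). RoomType needs public $total and $result properties
// for the computed columns to be populated.
function findAvailableRoomTypes($start, $end, $adults, $children, $number_of_rooms,
    $roomtype = null, $seaview = false, $smoking = false, $king_beds = false)
{
    $criteria = new CDbCriteria;
    $criteria->select = 't.number_of_rooms AS total, t.id_room_type, t.capacity, '
        . 'SUM(t.number_of_rooms - IFNULL(c.reservation, 0)) AS result';
    // Date filter kept as written in the question; only the values are now bound.
    // Each placeholder is used once so native (non-emulated) prepares also work.
    $criteria->join = 'LEFT JOIN (
            SELECT fk_room_type, COUNT(fk_room_type) AS reservation
            FROM room_type_reservation
            WHERE (end > :s1 AND start < :e1) OR (start < :e2 AND end < :s2)
            GROUP BY fk_room_type
        ) c ON t.id_room_type = c.fk_room_type';
    $criteria->addCondition('t.enabled = 1');
    $criteria->addCondition('t.capacity > :capacity');
    // compare() binds the value itself and adds nothing when it is empty.
    $criteria->compare('t.id_room_type', $roomtype);
    if (empty($children)) {            // branch logic unchanged from the question
        $criteria->addCondition('t.childrenFriendly = 1');
        $capacity = $adults + $children;
    } else {
        $capacity = $adults;
    }
    if (!empty($seaview))   $criteria->addCondition('t.seaview = 1');
    if (!empty($smoking))   $criteria->addCondition('t.smoking = 1');
    if (!empty($king_beds)) $criteria->addCondition('t.king_beds >= 1');
    $criteria->group  = 't.id_room_type';
    $criteria->having = 'result > :rooms';
    // User-supplied values travel as bound parameters, never as SQL text.
    $criteria->params = array_merge($criteria->params, array(
        ':s1' => $start->asSql(), ':e1' => $end->asSql(),
        ':s2' => $start->asSql(), ':e2' => $end->asSql(),
        ':capacity' => (int) $capacity,
        ':rooms'    => (int) $number_of_rooms,
    ));
    return RoomType::model()->findAll($criteria);
}
```

The only SQL fragments left in string form are fixed literals; every value that originates from the request reaches the database through `params` or `compare()`.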