1

Laravel 5.5 DB code:

DB::table('users')->where('company_id', 'ACB')->toSql()

I expect result as

SELECT * FROM `users` where `company_id` = `ACB`

But, I got following result;

select * from `users` where `company_id` = ?

What I did wrong ? Thanks

Improve this question
1
  • This syntax prevent to sql injection. But when you try DB::table('users')->where('company_id', 'ACB')->get() that case actual query is select * from users where company_id ='ACB' Commented Mar 4, 2019 at 19:20

1 Answer 1

Reset to default
3

Nothing is wrong, the toSql() method, will only show you the query with binding params.

If you want to show bind, you need to use query->getBindings().

This is a security, to prevent SQL injection Databuilder use a prepared statement with question mark placeholders.

Look at this PHP docs

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.