Alternate to quoteInto Method for Pdo queries

Question

        $conditions[] = $this->getConnection()
            ->quoteInto('cat_index.category_id IN (?)', "{$filters[category_id]},{$Catids}");

quote into encaps my values in quotes. I want to use this same method without the quoteInto method. So basically, I would like to know what method does the samething without adding quotes

I dunno Zend but [with raw PDO you will need some hand work](http://stackoverflow.com/a/15991146/285587) — Your Common Sense, Sep 04 '13 at 12:57

score 1 · Answer 1 · answered Sep 04 '13 at 12:58

1

In order to use a parameterized query with in, you must specify the number of parameters with ? (or some value) even with in.

cat_index.category_id IN (?,?)

You can do this with an array of the arguments.

// array_merge Catids instead? is it an array?
$args = array($filters["category_id"], $Catids);
$query = "cat_index.category_id IN (" .
    implode(',', array_fill(0, count($args), '?'))
    . ")";
foreach ($args as $arg) {
    $connection->quoteInto($query, $arg);
}

answered Sep 04 '13 at 12:58

Explosion Pills

188,624
52
326
405

your solution did not work. quoteInto wraps quotations around my values still, I am passing integers – numerical25 Sep 04 '13 at 13:43
@numerical25 that doens't matter; MySQL will treat them the same in the query whether they have quotes around them or not if they are integers. – Explosion Pills Sep 04 '13 at 13:44
Yea, I figured out my issue. I was parsing the values from a string and PDO was therefore treating the values as a string instead of a integer. I had to convert each value to a integer using the intval() method before passing it into the quoteInto method – numerical25 Sep 04 '13 at 13:52

numerical25 · Answer 2 · 2013-09-04T14:00:14.743

The problem was I was parsing the values from a string and therefore the $Cateids were treated as if they were a string and not a integer. I did the following

    $values = $values ? array_filter(explode('_', $values)) : array();
    $i = 0;
    foreach($values as $v) {
        $values[$i] = intval($v);
    }

followed by

        $query = "cat_index.category_id IN (" .
            implode(',', array_fill(0, count($values), "?")). ")";
        foreach($values as $v) {
            $conditions[] = $this->getConnection()->quoteInto($query,$v);
        }

now the values being passed are treated like integers instead of being wrapped in quotations

Tim Fountain · Answer 3 · 2013-09-04T14:24:01.380

-1

Assuming $filters['category_id'] is not an array, but $Catids is, you probably want:

->quoteInto('cat_index.category_id IN (?)', array_merge(array($filters['category_id']), $Catids));

Edit: you can also do:

->quoteInto('cat_index.category_id IN (?)', array_merge(array($filters['category_id']), $Catids), 'INTEGER');

if you're sure the values are numeric - this will ensure you don't get quotes around the individual values. MySQL works perfectly well with quoted integers though.

edited Sep 04 '13 at 14:24

answered Sep 04 '13 at 13:07

Tim Fountain

33,093
5
41
69

quoteInto does exactly what I dont want it to do. it wraps the values in quotation. I am passing integers so therefore they do not need to be wrapped in quotes – numerical25 Sep 04 '13 at 13:44
Are you saying it wraps each value in a quote, like `'1','2','3'`, or the comma separated value: `'1,2,3'`? – Tim Fountain Sep 04 '13 at 14:18

Alternate to quoteInto Method for Pdo queries

3 Answers3