Our Blog

June 16, 2010
by Julian

Protection against SQL Injection using PDO and Zend Framework

SQL injection is a technique that exploits a security vulnerability occurring in the database layer of an application. Usually, the script passes user input into a SQL statement without filtering it.

PDO – PHP Data Objects – is a database access layer providing a standardized method of access to multiple databases. 

June 16, 2010
by Teo

INSERT, UPDATE, DELETE statements with Zend_Db

Continuing the Zend_Db article series, we now turn to DML statements.
DML (Data Manipulation Language) statements are statements that change data values in database tables. There are 3 primary DML statements:

  • INSERT – Inserting new rows into database tables.
  • UPDATE – Updating existing rows in database tables.
  • DELETE – Deleting existing rows from database tables.


June 15, 2010
by Teo

Subqueries with Zend_Db

Continuing the Zend_Db article series, we now turn to subqueries.

As you will note, the query below is a complicated one, with COUNT(), LEFT JOIN and GROUP BY: it selects from 3 tables and takes a count from 2 different tables:

June 15, 2010
by Teo

What the FETCH functions from Zend_Db return

Continuing the Zend_Db article series, we now turn to the FETCH methods in Zend_Db_Adapter_Abstract:

array fetchAll (string|Zend_Db_Select $sql, [mixed $bind = array()], [mixed $fetchMode = null])
array fetchAssoc (string|Zend_Db_Select $sql, [mixed $bind = array()])
array fetchCol (string|Zend_Db_Select $sql, [mixed $bind = array()])
string fetchOne (string|Zend_Db_Select $sql, [mixed $bind = array()])
array fetchPairs (string|Zend_Db_Select $sql, [mixed $bind = array()])
array fetchRow (string|Zend_Db_Select $sql, [mixed $bind = array()], [mixed $fetchMode = null])

To make this easier to follow, the classic SQL statement is shown in a green box and the same query written in Zend_Db style is shown in a blue box.


June 15, 2010
by Teo

SQL queries using Zend_Db – SELECT

Zend_Db and its related classes provide a simple SQL database interface for Zend Framework.
To connect to a MySQL database, we use the Pdo_Mysql adapter:

$db = Zend_Db::factory('Pdo_Mysql', $dbConnect);
