1. Raw queries
$sql="select * from goods where goods_id=1";
$data=Goods::findBySql($sql)->all();
SQL injection
$sql = "select * from article where id=".$id;
// If the $id received from the front end is a string under the attacker's control, e.g.
$id = '1 or 1=1';
// the resulting SQL has an always-true WHERE clause and returns every row in the table
$sql = "select * from article where id=1 or 1=1";
// It can even drop the whole table (if the database driver executes stacked statements), e.g.
$id = '1 ; drop table article;';
$sql = "select * from article where id=1 ; drop table article;";
Preventing SQL injection with placeholders
// SQL query with a named placeholder: the value is bound separately from the SQL text,
// so '1 or 1=1' is compared as one literal value and is never parsed as SQL
$id = '1 or 1=1';
$sql = "select * from article where id=:id";
$r = Article::findBySql($sql,[':id'=>$id])->all();
Reposted, an explanation of why placeholders prevent SQL injection:
https://my.oschina.net/u/860267/blog/761167
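To show the two behaviours side by side on a real database, here is an added example (not the Yii2 code from the page above) written in Python against an in-memory SQLite table, since the mechanism is the same: the vulnerable function pastes the untrusted value into the SQL string exactly like "select * from article where id=".$id, and the safe function binds it through a named placeholder like findBySql($sql, [':id' => $id]). The article table, its three rows, and the function names are constructed for the demo. The stacked-statement case is run through sqlite3's executescript, which accepts several statements at once; this stands in for a driver that permits stacked queries.

```python
import sqlite3


def make_db():
    """Constructed sample data: an article table with three rows (not from the page)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("create table article (id integer primary key, title text)")
    conn.executemany(
        "insert into article (id, title) values (?, ?)",
        [(1, "first"), (2, "second"), (3, "third")],
    )
    conn.commit()
    return conn


def find_vulnerable(conn, id_value):
    """Mirrors "select * from article where id=".$id: the untrusted value
    becomes part of the SQL text, so SQL syntax inside it is executed."""
    sql = "select * from article where id=" + str(id_value)
    return conn.execute(sql).fetchall()


def find_with_placeholder(conn, id_value):
    """Mirrors findBySql($sql, [':id' => $id]): the SQL text is fixed and the
    value travels separately as a bound parameter, never parsed as SQL."""
    sql = "select * from article where id=:id"
    return conn.execute(sql, {"id": id_value}).fetchall()


def find_vulnerable_stacked(conn, id_value):
    """Same concatenation, but executed through an interface that runs several
    statements in one call (executescript here), so a trailing
    '; drop table article;' is executed too. Returns the tables left afterwards."""
    sql = "select * from article where id=" + str(id_value)
    conn.executescript(sql)
    rows = conn.execute("select name from sqlite_master where type='table'").fetchall()
    return [r[0] for r in rows]


def demo():
    """Run the page's two payloads through both code paths and return the counts."""
    conn = make_db()
    tautology = "1 or 1=1"

    # Vulnerable: WHERE id=1 or 1=1 is always true, every row comes back.
    leaked = find_vulnerable(conn, tautology)

    # Placeholder: the string '1 or 1=1' is compared to the id column as a
    # single value; no integer id equals that text, so nothing matches.
    bound = find_with_placeholder(conn, tautology)

    # Placeholder with a legitimate id still works normally.
    normal = find_with_placeholder(conn, 1)

    # Vulnerable + stacked statements: the table is gone afterwards.
    tables_left = find_vulnerable_stacked(make_db(), "1 ; drop table article;")

    return len(leaked), len(bound), len(normal), tables_left


if __name__ == "__main__":
    print(demo())
```

The zero-row result for the bound tautology reflects SQLite's comparison rules; MySQL coerces the string '1 or 1=1' to the number 1 and would return the row with id 1 instead. In both cases the "or 1=1" is never part of the WHERE clause, which is the property that matters. Whether the drop table payload actually fires in the concatenated version depends on the driver permitting stacked statements, so do not rely on that as a defence: the tautology form works against any driver.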