db_query

5 database.inc db_query($query)
6 database.mysql-common.inc db_query($query)
6 database.pgsql.inc db_query($query)
7 database.inc db_query($query, array $args = array(), array $options = array())
8 database.inc db_query($query, array $args = array(), array $options = array())

Runs a basic query in the active database.

User-supplied arguments to the query should be passed in as separate parameters so that they can be properly escaped to avoid SQL injection attacks.

Parameters

$query: A string containing an SQL query.

...: A variable number of arguments which are substituted into the query using printf() syntax. Instead of a variable number of query arguments, you may also pass a single array containing the query arguments.

Valid %-modifiers are: %s, %d, %f, %b (binary data, do not enclose in '') and %%.

NOTE: using this syntax will cast NULL and FALSE values to decimal 0, and TRUE values to decimal 1.

Return value

Successful SELECT, SHOW, DESCRIBE, EXPLAIN, or other queries which return a set of results will return a database query result resource. Other successful queries will return TRUE and failing queries will return FALSE.

418 calls to db_query()

1 string reference to 'db_query'

File

includes/database.mysql-common.inc, line 33
Functions shared between mysql and mysqli database engines.

Code

function db_query($query) {
  $args = func_get_args();
  array_shift($args);
  $query = db_prefix_tables($query);
  if (isset($args[0]) and is_array($args[0])) { // 'All arguments in one array' syntax
    $args = $args[0];
  }
  _db_query_callback($args, TRUE);
  $query = preg_replace_callback(DB_QUERY_REGEXP, '_db_query_callback', $query);
  return _db_query($query);
}

Comments

Usage of repetition quantifiers

Posted by fuerst on November 8, 2010 at 12:06pm

Note that curly brackets used as repetition quantifier in Regex's are removed as any other curly bracket. Pass the Regex as argument to db_query() instead like this:

db_query('SELECT name from {users} WHERE name RLIKE "%s"', '[a-z]{8}');

Postgresql

Posted by HylkeVDS on April 20, 2011 at 8:06am

Also note that if you want your code to also run on postgresql you should use ' to quote strings, not "

db_query("SELECT name from {users} WHERE name RLIKE '%s'", '[a-z]{8}');

But then again, pgsql doesn't know RLIKE...

@ before db_query

Posted by Bhargavi Moorthy on January 4, 2011 at 12:00pm

what does @db_query mean?

It suppresses errors

Posted by JayFid on January 5, 2011 at 5:13pm

http://php.net/manual/en/language.operators.errorcontrol.php

its the "error silencing" operator

Posted by boaz_r on January 11, 2011 at 4:25pm

Meaning this syntax will tell PHP to ignore errors generated by that very statement, and only for this statement.

Login or register to post comments