Same name and namespace in other branches
- 10 core/lib/Drupal/Core/Database/database.api.php \database
- 4.6.x includes/database.inc \database
- 5.x includes/database.inc \database
- 6.x includes/database.inc \database
- 7.x includes/database/database.inc \database
- 8.9.x core/lib/Drupal/Core/Database/database.api.php \database
- 9 core/lib/Drupal/Core/Database/database.api.php \database
Allow the use of different database servers using the same code base.
Drupal provides a slim database abstraction layer to provide developers with the ability to support multiple database servers easily. The intent of this layer is to preserve the syntax and power of SQL as much as possible, while letting Drupal control the pieces of queries that need to be written differently for different servers and provide basic security checks.
Most Drupal database queries are performed by a call to db_query() or db_query_range(). Module authors should also consider using pager_query() for queries that return results that need to be presented on multiple pages, and tablesort_sql() for generating appropriate queries for sortable tables.
For example, one might wish to return a list of the most recent 10 nodes authored by a given user. Instead of directly issuing the SQL query
SELECT n.title, n.body, n.created FROM node n WHERE n.uid = $uid LIMIT 0, 10;
one would instead call the Drupal functions:
$result = db_query_range('SELECT n.title, n.body, n.created
FROM {node} n WHERE n.uid = %d', $uid, 0, 10);
while ($node = db_fetch_object($result)) {
// Perform operations on $node->body, etc. here.
}
Curly braces are used around "node" to provide table prefixing via db_prefix_tables(). The explicit use of a user ID is pulled out into an argument passed to db_query() so that SQL injection attacks from user input can be caught and nullified. The LIMIT syntax varies between database servers, so that is abstracted into db_query_range() arguments. Finally, note the common pattern of iterating over the result set using db_fetch_object().
File
- includes/
database.inc, line 8 - Wrapper for database interface code.
Functions
Name | Location | Description |
---|---|---|
db_prefix_tables |
includes/ |
Append a database prefix to all tables in a query. |
db_set_active |
includes/ |
Activate a database for future queries. |
_db_query_callback |
includes/ |
Helper function for db_query(). |
db_query |
includes/ |
Runs a basic query in the active database. |
db_queryd |
includes/ |
Debugging version of db_query(). |
_db_rewrite_sql |
includes/ |
Helper function for db_rewrite_sql. |
db_rewrite_sql |
includes/ |
Rewrites node, taxonomy and comment queries. Use it for listing queries. Do not use FROM table1, table2 syntax, use JOIN instead. |
db_escape_table |
includes/ |
Restrict a dynamic tablename to safe characters. |
db_connect |
includes/ |
Initialize a database connection. |
_db_query |
includes/ |
Helper function for db_query(). |
db_fetch_object |
includes/ |
Fetch one result row from the previous query as an object. |
db_fetch_array |
includes/ |
Fetch one result row from the previous query as an array. |
db_num_rows |
includes/ |
Determine how many result rows were found by the preceding query. |
db_result |
includes/ |
Return an individual result field from the previous query. |
db_error |
includes/ |
Determine whether the previous query caused an error. |
db_next_id |
includes/ |
Return a new unique ID in the given sequence. |
db_affected_rows |
includes/ |
Determine the number of rows changed by the preceding query. |
db_query_range |
includes/ |
Runs a limited-range query in the active database. |
db_query_temporary |
includes/ |
Runs a SELECT query and stores its results in a temporary table. |
db_encode_blob |
includes/ |
Returns a properly formatted Binary Large OBject value. |
db_decode_blob |
includes/ |
Returns text from a Binary Large Object value. |
db_escape_string |
includes/ |
Prepare user input for use in a database query, preventing SQL injection attacks. |
db_lock_table |
includes/ |
Lock a table. |
db_unlock_tables |
includes/ |
Unlock all locked tables. |
db_distinct_field |
includes/ |
Wraps the given table.field entry with a DISTINCT(). The wrapper is added to the SELECT list entry of the given query and the resulting query is returned. This function only applies the wrapper if a DISTINCT doesn't already exist in the query. |
db_connect |
includes/ |
Initialise a database connection. |
_db_query |
includes/ |
Helper function for db_query(). |
db_fetch_object |
includes/ |
Fetch one result row from the previous query as an object. |
db_fetch_array |
includes/ |
Fetch one result row from the previous query as an array. |
db_num_rows |
includes/ |
Determine how many result rows were found by the preceding query. |
db_result |
includes/ |
Return an individual result field from the previous query. |
db_error |
includes/ |
Determine whether the previous query caused an error. |
db_next_id |
includes/ |
Return a new unique ID in the given sequence. |
db_affected_rows |
includes/ |
Determine the number of rows changed by the preceding query. |
db_query_range |
includes/ |
Runs a limited-range query in the active database. |
db_query_temporary |
includes/ |
Runs a SELECT query and stores its results in a temporary table. |
db_encode_blob |
includes/ |
Returns a properly formatted Binary Large Object value. |
db_decode_blob |
includes/ |
Returns text from a Binary Large OBject value. |
db_escape_string |
includes/ |
Prepare user input for use in a database query, preventing SQL injection attacks. |
db_lock_table |
includes/ |
Lock a table. |
db_unlock_tables |
includes/ |
Unlock all locked tables. |
db_distinct_field |
includes/ |
Wraps the given table.field entry with a DISTINCT(). The wrapper is added to the SELECT list entry of the given query and the resulting query is returned. This function only applies the wrapper if a DISTINCT doesn't already exist in the query. |
db_connect |
includes/ |
Initialize a database connection. |
_db_query |
includes/ |
Helper function for db_query(). |
db_fetch_object |
includes/ |
Fetch one result row from the previous query as an object. |
db_fetch_array |
includes/ |
Fetch one result row from the previous query as an array. |
db_num_rows |
includes/ |
Determine how many result rows were found by the preceding query. |
db_result |
includes/ |
Return an individual result field from the previous query. |
db_error |
includes/ |
Determine whether the previous query caused an error. |
db_next_id |
includes/ |
Return a new unique ID in the given sequence. |
db_affected_rows |
includes/ |
Determine the number of rows changed by the preceding query. |
db_query_range |
includes/ |
Runs a limited-range query in the active database. |
db_query_temporary |
includes/ |
Runs a SELECT query and stores its results in a temporary table. |
db_encode_blob |
includes/ |
Returns a properly formatted Binary Large OBject value. In case of PostgreSQL encodes data for insert into bytea field. |
db_decode_blob |
includes/ |
Returns text from a Binary Large OBject value. In case of PostgreSQL decodes data after select from bytea field. |
db_escape_string |
includes/ |
Prepare user input for use in a database query, preventing SQL injection attacks. Note: This function requires PostgreSQL 7.2 or later. |
db_lock_table |
includes/ |
Lock a table. This function automatically starts a transaction. |
db_unlock_tables |
includes/ |
Unlock all locked tables. This function automatically commits a transaction. |
db_check_setup |
includes/ |
Verify if the database is set up correctly. |
db_distinct_field |
includes/ |
Wraps the given table.field entry with a DISTINCT(). The wrapper is added to the SELECT list entry of the given query and the resulting query is returned. This function only applies the wrapper if a DISTINCT doesn't already exist in the query. |
pager_query |
includes/ |
Perform a paged database query. |
tablesort_sql |
includes/ |
Create an SQL sort clause. |
Constants
Name | Location | Description |
---|---|---|
DB_QUERY_REGEXP |
includes/ |