我现在仍在通过博客教程学习 YII,并且对一些代码感到好奇。
在这个链接上
http://www.yiiframework.com/doc/blog/1.1/en/prototype.auth
有这样的代码
<?php
class UserIdentity extends CUserIdentity
{
private $_id;
public function authenticate()
{
$username=strtolower($this->username);
$user=User::model()->find('LOWER(username)=?',array($username));
if($user===null)
$this->errorCode=self::ERROR_USERNAME_INVALID;
else if(!$user->validatePassword($this->password))
$this->errorCode=self::ERROR_PASSWORD_INVALID;
else
{
$this->_id=$user->id;
$this->username=$user->username;
$this->errorCode=self::ERROR_NONE;
}
return $this->errorCode==self::ERROR_NONE;
}
public function getId()
{
return $this->_id;
}
}
我对一些代码很好奇。
- 为什么代码最后一行没有
?>? - 在这一行
$user=User::model()->find('LOWER(username)=?',array($username));为什么使用LOWER(username )=?不是LOWER(username)=。为什么需要?,这是我可能还不知道的某些查询条件吗?
最佳答案
-
根据 this link,
?>并不是真正需要的:The closing tag of a PHP block at the end of a file is optional, and in some cases omitting it is helpful when using include() or require(), so unwanted whitespace will not occur at the end of files, and you will still be able to add headers to the response later. It is also handy if you use output buffering, and would not like to see added unwanted whitespace at the end of the parts generated by the included files.
?与 SQL 语法相关,如 here 所示.还有 second answer here说:The question mark represents a parameter that will later be replaced. Using parameterized queries is more secure than embedding the parameters right into the query.
关于php - YII CActiveRecord->find(),我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/7567686/