Not just that but it kind of breaks the whole database abstraction purpose behind using something like Propel. It opens the door to the developer using non-standard SQL which will break when you change database.
On Thu, Mar 5, 2009 at 2:08 PM, Thomas Rabaix <thomas.rab...@gmail.com>wrote: > be aware that Criteria::CUSTOM is a open door to SQL Injection. > > On Thu, Mar 5, 2009 at 12:57 PM, Kris Wallsmith < > kris.wallsm...@symfony-project.com> wrote: > >> If you're using Propel, the following code should do the trick: >> $criteria = new Criteria(); >> $criteria-> >> add(TransactionPeer::USER_ID, 28)-> >> add(TransactionPeer::CREATED_AT, "created_at BETWEEN '3/2/2008 12:00:00 >> AM' AND '3/3/2009 11:59:59 PM'", Criteria::CUSTOM) >> ; >> $transactions = TransactionPeer::doSelect($criteria); >> >> Kris >> >> -- >> >> *Kris Wallsmith* | Community Manager >> kris.wallsm...@symfony-project.com >> Portland, Oregon USA >> >> http://twitter.com/kriswallsmith >> >> On Mar 4, 2009, at 5:58 PM, janlar...@gmail.com wrote: >> >> >> hi all im a new user of sysmfony i hope can help me to translate this >> statement to symfony >> >> >> SELECT * FROM transactions WHERE user_id = 28 AND created_at BETWEEN >> '3/2/2008 12:00:00 AM ' AND '3/3/2009 11:59:59 PM ' >> >> >> Thanks, >> >> >> >> >> >> >> > > > -- > Thomas Rabaix > http://rabaix.net > > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~----------~----~----~----~------~----~------~--~---
