The Trongate PHP Framework

Custom Database Queries

Custom database queries provide developers with the flexibility to execute SQL commands tailored to specific needs beyond the basic CRUD operations. This capability is essential for scenarios where predefined methods may not suffice, such as complex data retrievals, advanced analytics, or specialized data manipulations.


Executing Custom SQL Queries with The Query Method

The query() method allows developers to execute custom SQL queries directly. This method is versatile, accepting any valid SQL statement as its input. It returns the query results based on the specified return type, either as an array or an object.

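Exercise caution when using the query() method: it executes the SQL string as given, so any value embedded in that string is a potential SQL injection vector. Always sanitize user input and validate SQL queries before execution to avoid potential security risks. For statements that include user input, the query_bind() method described below is the safer choice.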


Executing Custom SQL Queries with Query Binding

The query_bind() method enhances security by utilizing parameter binding in SQL queries. Instead of directly embedding values into the SQL statement, it binds parameters separately, mitigating the risk of SQL injection attacks.

This method is particularly advisable when handling user input or dynamic data, where parameterized queries provide robust protection against malicious SQL injections.
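
The difference between the two methods, as an added example that is not taken from the Trongate documentation or code base. It uses a small PDO-backed stand-in class over an in-memory SQLite database; only the method names query() and query_bind() come from this page, while the signatures, the 'array'/'object' return-type strings, the named-placeholder style and the members table are assumptions.

```php
<?php
// Added example: a PDO-backed stand-in, NOT Trongate's own Model class.
// Only the method names query() and query_bind() come from the page; the
// signatures, the 'array'/'object' strings and the members table are assumptions.
class DemoModel {
    private PDO $pdo;

    public function __construct() {
        $this->pdo = new PDO('sqlite::memory:');
        $this->pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        $this->pdo->exec('CREATE TABLE members (id INTEGER PRIMARY KEY, username TEXT, email TEXT)');
        // Constructed sample rows.
        $this->pdo->exec("INSERT INTO members (username, email) VALUES
            ('alice', 'alice@example.com'), ('bob', 'bob@example.com')");
    }

    // Executes the SQL string exactly as given: every value inside it is SQL.
    public function query(string $sql, string $return_type = 'array'): array {
        $stmt = $this->pdo->query($sql);
        return $stmt->fetchAll($return_type === 'object' ? PDO::FETCH_OBJ : PDO::FETCH_ASSOC);
    }

    // Sends the statement and the values separately; values are never parsed as SQL.
    public function query_bind(string $sql, array $data, string $return_type = 'array'): array {
        $stmt = $this->pdo->prepare($sql);
        $stmt->execute($data);
        return $stmt->fetchAll($return_type === 'object' ? PDO::FETCH_OBJ : PDO::FETCH_ASSOC);
    }
}

$model = new DemoModel();
// Constructed input, as it might arrive from a request parameter.
$inputs = ['alice', "nobody' OR '1'='1"];

foreach ($inputs as $username) {
    // Weak: the value is concatenated into the statement text.
    $embedded = $model->query("SELECT * FROM members WHERE username = '$username'");

    // Corrected: a named placeholder in the SQL, the value passed alongside it.
    $bound = $model->query_bind(
        'SELECT * FROM members WHERE username = :username',
        ['username' => $username],
        'object'
    );

    printf("%-22s embedded: %d row(s), bound: %d row(s)\n", $username, count($embedded), count($bound));
}
```

For the second input the concatenated statement matches every row in the table, while the bound statement treats the whole string as a username and matches none.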
