I have a query for a paginated listing page. Some part of the SELECT and WHERE parts are raw queries. To avoid sql vularabilities, I need to use parameter binding for this query. It is worked fine for WhereRaw query but not worked in SELECT section.
Please see my query here:
$aJob = JobKeywords::where('job_keywords.status', 1)
->where('job_keywords.expiry_date', '>=', $today);
whereRaw('MATCH(job_title,company_name,skills) AGAINST (? IN BOOLEAN MODE) > 0', [$keyword])
->select([DB::Raw('job_keywords.job_id as job_id, ? as candidate_id, 1 as fts_search', [$candidateId]),"job_keywords.location as job_location_name",
DB::raw('MATCH(job_title,company_name,skills) AGAINST (? IN BOOLEAN MODE) as score', [$keyword]),
"job_keywords.company_name",
"job_keywords.job_id as id","job_keywords.job_title",
"job_keywords.skills",
"job_keywords.expiry_date",
"job_keywords.monthly_salary_range_min","job_keywords.monthly_salary_range_max",
'job_keywords.min_experience_in_year',
'job_keywords.metadata'])
->orderBy('score', 'DESC')
->paginate(10);
The parameter binding in WhereRaw is working fine but inside Select(DB::Raw) not working. It will throw SQLSTATE[HY093]: Invalid parameter number error. If we debug print_r($aJob->toSql()) and print_r($aJob->getBindings()) then you can see the parameter inside DB::raw is not counted.
Do any one have any idea about this?
via Chebli Mohamed
Aucun commentaire:
Enregistrer un commentaire