Get Started

Upgrade

Where Syntax

Query

Aggregation

Fetch

Transaction

Management

Advanced

Raw object

PDO object

Debug

Information

version: 2.1.3

query

Execute the customized raw query

query($query)
Return: [object] The PDOStatement object.
Medoo is handling all queries with SQL-92 standard. You should keep in mind the quotation marks in the query, or use prepared statements to prevent SQL injection as possible.
$database->query("CREATE TABLE table (
	c1 INT STORAGE DISK,
	c2 INT STORAGE MEMORY
) ENGINE NDB;");

$data = $database->query("SELECT email FROM account")->fetchAll();
print_r($data);

Quotation Syntax

The raw SQL expression provided a shortcut quoting and prefixing for table name and column name, so you don\'t have to care about the quotation and maintain the table prefix. All you have to do is use <name> to explain they are table or column name. Medoo will analyze whether they are table or column and translate them with correct quotations and prefixes.

$data = $database->query("SELECT <email> FROM <account>")->fetchAll();
// This query will be translated to:
// SELECT "email" FROM "account"

// If you have set table prefix from initialization, the above query will be translated to:
$database = new Medoo([
	....
	"prefix" => "WP_"
]);

$data = $database->query("SELECT <account.email>,<account.nickname>
	FROM <account>
	WHERE <id> != 100
")->fetchAll();
SELECT "WP_account"."email", "WP_account"."nickname"
FROM "WP_account"
WHERE "id" != 100

Prepared statement

The query() also supports prepared statements. Medoo will auto-detect the data type for input parameters.

$data = $database->query(
	"SELECT * FROM <account> WHERE <user_name> = :user_name AND <age> = :age", [
		":user_name" => "John Smite",
		":age" => 20
	]
)->fetchAll();

print_r($data);