Get Started

Upgrade

Where Syntax

Query

Aggregation

Fetch

Transaction

Advanced

Raw object

PDO object

Debug

Information

version: 1.5.7

query

Execute customized raw query

query($query)
Return: [object] The PDOStatement object.
Medoo is handled all queries with SQL-92 standard. You should keep in mind about the quotation mark in the query, or use prepared statement to prevent SQL injection.
$database->query("CREATE TABLE table (
	c1 INT STORAGE DISK,
	c2 INT STORAGE MEMORY
) ENGINE NDB;");

$data = $database->query("SELECT email FROM account")->fetchAll();
print_r($data);

Quotation Syntax

The raw SQL expression provided a shortcut quoting and prefixing for table name and column name, so you don't have to care about the quotation and maintaining the table prefix. All you have to do is using <name> to explain they are table or column name. Medoo will analysis they are table or column, and translate them with correct quotation and prefix.

$data = $database->query("SELECT <email> FROM <account>")->fetchAll();
// This query will be translated to:
// SELECT "email" FROM "account"

// If you set table prefix from initialization, the above query will be translated to:
$database = new Medoo([
	....
	"prefix" => "WP_"
]);

$data = $database->query("SELECT <account.email>,<account.nickname>
	FROM <account>
	WHERE <id> != 100
")->fetchAll();
// SELECT "WP_account"."email", "WP_account"."nickname" FROM "WP_account" WHERE "id" != 100

Prepared statement

The query() also support prepared statement. Medoo will auto-detect the data type for input parameters.

$data = $database->query(
	"SELECT * FROM <account> WHERE <user_name> = :user_name AND <age> = :age", [
		":user_name" => "John Smite",
		":age" => 20
	]
)->fetchAll();

print_r($data);