所以我已经升级到 ZF 2.1.4,我收到一条通知,上面写着:Attempting to quote a value in Zend\Db\Adapter\Platform\Mysql without extension/driver support can introduce security vulnerabilities in a production environment
我的 dbadapter 是这样实例化的:
return array(
'service_manager' => array(
'factories' => array(
'Zend\Db\Adapter\Adapter' => 'Zend\Db\Adapter\AdapterServiceFactory',
)
),
'db' => array(
'driver' => 'pdo_mysql',
'driver_options' => array(
PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES 'UTF8'"
),
'dsn' => 'mysql:dbname=test;host=192.168.1.8',
'username' => 'test',
'password' => 'test',
)
);
我想引用以下内容:
$order = 'field(ce.id, ' . $this->_db->getPlatform()->quoteValueList($ids) . ')';
$select->order(new Expression($order));
我应该怎么做?我的印象是 pdo_mysql 有驱动程序支持引用值。