Watch your whereIn!

0 gravatar By Grégoire Marchal - 10/17/2010

Doctrine is cool, it makes live easier, we don't deal with big SQL queries any more, great. But sometimes it's vicious. Last example with the whereIn() method. On the face of it, there shouldn't be any problem, it just converts this:

$query->whereIn('id', array(1, 2, 3))

Into this:

AND id IN (1, 2, 3)

Let's imagine that the array parameter is dynamically built, and that sometimes it's empty... What's happen then? With MySQL, the "IN ()" instruction returns an error. What does Doctrine do? Well... Nothing. It ignores this criteria and executes the query, returning unexpected results... An exception is supposed to be thrown, but a bug prevents it. A ticket is opened... Be careful!

Back home

Comments (0)