在SQL查询代码点火器中插入PHP变量
我正在使用Codeigniter来使用一些查询,这是到目前为止我的代码。我的代码正确吗在SQL查询代码点火器中插入PHP变量,php,mysql,codeigniter,Php,Mysql,Codeigniter,我正在使用Codeigniter来使用一些查询,这是到目前为止我的代码。我的代码正确吗 $this->db->select("(SELECT SUM(grand_total) FROM Sales_order WHERE member = '2') - (SELECT SUM(amount) FROM payment WHERE member_id = '2') AS total_sales"); 以及如何使用此变量更改数字2 $this->session->userdata('
$this->db->select("(SELECT SUM(grand_total) FROM Sales_order WHERE member = '2') - (SELECT SUM(amount) FROM payment WHERE member_id = '2') AS total_sales");
$this->session->userdata('ID')$this->db->select("(SELECT SUM(grand_total) FROM Sales_order WHERE member = '".$this->session->userdata('ID')."') - (SELECT SUM(amount) FROM payment WHERE member_id = '".$this->session->userdata('ID')."') AS total_sales"');
$sql = "(SELECT SUM(grand_total) FROM Sales_order WHERE member = '?') - (SELECT SUM(amount) FROM payment WHERE member_id = '?') AS total_sales";
$this->db->query($sql, array($this->session->userdata('ID'),$this->session->userdata('ID')));
sql注入?来自doc谢谢@Hoángėng我来看看:)