yii直接执行sql

例1

$connection = Yii::app()->db;
$sql = "SELECT * FROM `project` ORDER BY id DESC";
$command = $connection->createCommand($sql);
$result = $command->queryAll();

print_r($result); 

例2

 $db = Yii::app()->db; //you have to define db connection in config/main.php

$sql = "select sum(if(starttime>'09:00:00',1,0)) as late,

  sum(if(endtime<'18:00:00',1,0)) as early         

from present where userid=:userid and date between :date_start and :date_end"

$results = $db->createCommand($sql)->query(array(

  ':userid' => 115,':date_start'=>'2009-12-1',':date_end'=>'2009-12-31',

));

foreach($results as $result){

  echo $result['late']," and ",$result['early']," /n";

}

 例3

 $sql = "select sum(if(starttime>'09:00:00',1,0)) as late,

  sum(if(endtime<'18:00:00',1,0)) as early         

from present where userid=115 and date between '2009-12-1' and '2009-12-31'"

$results = $db->createCommand($sql)->query();

foreach($results as $result){

  echo $result['late']," and ",$result['early']," /n";

}

例4

$oDbConnection = Yii::app()->db; // Getting database connection (config/main.php has to set up database
// Here you will use your complex sql query using a string or other yii ways to create your query
$oCommand = $oDbConnection->createCommand('SELECT * FROM my_table WHERE myAttr = :myValue');
// Bind the parameter
$oCommand->bindParam(':myValue', $myValueThatCameFromPostOrAnywereElse, PDO::PARAM_STR);
 

$oCDbDataReader = $oCommand->queryAll(); // Run query and get all results in a CDbDataReader 

 

说明：把查询条件作为参数（如例2），比较安全，可直接避免注入。要是直接用在SQL语句中，最好要经过防注入处理。

come from http://blog.csdn.net/straul/article/details/6320858