yii直接执行sql

例1

$connection = Yii::app()->db;
$sql = "SELECT * FROM `project` ORDER BY id DESC";
$command =  $connection->createCommand( $sql);
$result =  $command->queryAll();

print_r($result); 

例2

 $db = Yii::app()->db; //you have to define db connection in config/main.php

 
  $sql = "select sum(if(starttime>'09:00:00',1,0)) as late, 
  
   sum(if(endtime<'18:00:00',1,0)) as early          
  
 from present where userid=:userid and date between :date_start and :date_end" 
  
 
  $results =  
  $db->createCommand( 
  $sql)->query( 
  array( 
  
   ':userid' => 115,':date_start'=>'2009-12-1',':date_end'=>'2009-12-31', 
  
 )); 
  
 
  foreach( 
  $results  
  as  
  $result){ 
  
    
  echo  
  $result['late']," and ", 
  $result['early']," /n"; 
  
 } 
 

 例3

 $sql = "select sum(if(starttime>'09:00:00',1,0)) as late,

     sum(if(endtime<'18:00:00',1,0)) as early          
  
 from present where userid=115 and date between '2009-12-1' and '2009-12-31'" 
  
 
  $results =  
  $db->createCommand( 
  $sql)->query(); 
  
 
  foreach( 
  $results  
  as  
  $result){ 
  
    
  echo  
  $result['late']," and ", 
  $result['early']," /n"; 
  
 } 
 

例4

$oDbConnection = Yii::app()->db;  //  Getting database connection (config/main.php has to set up database
// Here you will use your complex sql query using a string or other yii ways to create your query
$oCommand =  $oDbConnection->createCommand('SELECT * FROM my_table WHERE myAttr = :myValue');
//  Bind the parameter
$oCommand->bindParam(':myValue',  $myValueThatCameFromPostOrAnywereElse, PDO::PARAM_STR);
 

$oCDbDataReader = $oCommand->queryAll(); // Run query and get all results in a CDbDataReader 

 

说明：把查询条件作为参数（如例2），比较安全，可直接避免注入。要是直接用在SQL语句中，最好要经过防注入处理。

come from http://blog.csdn.net/straul/article/details/6320858