️ ObjectQuel
Filtering & Parameters
ObjectQuel's where clause supports a full set of comparison operators, set membership tests, and null checks — all protected against SQL injection through named parameter binding.
Filtering with Where Clauses
Build conditions using comparison operators and logical connectors (and, or):
Comparison Operators
// Using comparison operators
$results = $entityManager->executeQuery("
range of p is App\\Entity\\ProductEntity
retrieve (p) where p.price >= :minPrice and p.price <= :maxPrice
", ['minPrice' => 10.00, 'maxPrice' => 50.00]);
// Using BETWEEN (equivalent, more readable for ranges)
$results = $entityManager->executeQuery("
range of p is App\\Entity\\ProductEntity
retrieve (p) where p.price between :min and :max
", ['min' => 10.00, 'max' => 50.00]);IN and NOT IN
$results = $entityManager->executeQuery("
range of p is App\\Entity\\ProductEntity
retrieve (p) where p.categoryId in (:categories)
", ['categories' => [1, 2, 3]]);
$results = $entityManager->executeQuery("
range of p is App\\Entity\\ProductEntity
retrieve (p) where p.status not in (:excluded)
", ['excluded' => ['deleted', 'archived']]);NULL Handling
$results = $entityManager->executeQuery("
range of u is App\\Entity\\UserEntity
retrieve (u) where u.deletedAt is null
");
$results = $entityManager->executeQuery("
range of u is App\\Entity\\UserEntity
retrieve (u) where u.emailVerifiedAt is not null
");Parameter Binding
Always pass variable values through parameter binding, never interpolated directly into the query string. Parameter binding prevents SQL injection and allows the query planner to cache execution plans.
Pass parameters as a key-value array in the second argument to executeQuery, using :name placeholders in the query:
$results = $entityManager->executeQuery("
range of p is App\\Entity\\ProductEntity
retrieve (p) where p.price between :min and :max and p.active = :active
", [
'min' => 10.00,
'max' => 100.00,
'active' => true
]);