Running Injected SQL Statements
You can inject an SQL statement into a string literal and then run that statement:
- In the editor, place the cursor within the corresponding string literal.
- Do one of the following:
- Press Ctrl+Enter.
- Press Alt+Enter and select Run query in console.
- Click and select Run query in console.
- If asked, select the database console to be used.
- If the statement contains parameters, specify the parameter values.
Configuring sprintf Format References
You can have PhpStorm recognize sprintf format references in injected SQL strings:
- Open the Settings / Preferences Dialog by pressing Ctrl+Alt+S or by choosing for Windows and Linux or for macOS. Expand the Tools node, and then click User Parameters under Database.
- Select the Enable in console and SQL files and Enable in string literals with SQL injection checkboxes.
- In the Parameter Patterns list:
- Click the
%w+
pattern. PhpStorm expands a hidden area with the configuration settings for the pattern. - Select the In scripts and In literals checkboxes.
- Click the <Language> link and select PHP in the drop-down list.
- Click the
Last modified: 27 July 2018