Running Injected SQL Statements
You can inject an SQL statement into a string literal and then run that statement:
In the editor, place the cursor within the corresponding string literal.
- Do one of the following:
Press Ctrl+Enter.
Press Alt+Enter and select Run query in console.
Click and select Run query in console.
If asked, select the database console to be used.
If the statement contains parameters, specify the parameter values.
Configuring sprintf Format References
You can have PhpStorm recognize sprintf format references in injected SQL strings:
Open the Settings / Preferences Dialog by pressing Ctrl+Alt+S or by choosing for Windows and Linux or for macOS. Expand the Tools node, and then click User Parameters under Database.
Select the Enable in console and SQL files and Enable in string literals with SQL injection checkboxes.
- In the Parameter Patterns list:
Click the
%w+
pattern. PhpStorm expands a hidden area with the configuration settings for the pattern.Select the In scripts and In literals checkboxes.
Click the <Language> link and select PHP in the list.