Chapter 24: CRUD: Read in PHP

Query rows with WHERE, ORDER, LIMIT. In this chapter, you will learn crud: read in depth with PHP code examples, explanations, and best practices.

Overview

This chapter covers crud: read for Kungfu.js developers using PHP. We will start with the basics, move through practical examples, and end with advanced techniques and common pitfalls.

Why This Matters

Understanding crud: read is essential because it is a core part of building web applications. Every real-world app needs to handle query rows with where, order, limit. Skipping this chapter would leave a gap in your knowledge that would cause problems later.

Code Example

Here is how to work with databases in PHP:

// Get all users
let users = User::all(&db).await?;

// Find one by primary key
let user = User::find_by_pk(1, &db).await?;

// Query with WHERE
let alice = User::find()
    .where_eq("email", "alice@example.com")
    .one(&db).await?;

// Query with multiple conditions
let active = User::find()
    .where_gt("id", 5)
    .where_eq("status", "active")
    .order_desc("created_at")
    .limit(10)
    .all(&db).await?;

How the ORM Works

The Kungfu.js ORM uses parameterized queries. This means user input never gets interpolated into SQL strings. Instead, placeholders like $1, $2 are used, and the actual values are passed separately. This makes SQL injection impossible.

For example, if you search for a user by email, the ORM generates: SELECT * FROM users WHERE email = $1 and passes the email value as a parameter. Even if the email contains SQL code like ' OR 1=1 --, it is treated as a plain string, not as SQL.

Common Mistakes

  • Not reading the documentation: Always check the API reference when something does not work as expected.
  • Skipping security: Never disable the default middleware unless you have a very good reason. Security is not optional.
  • Not testing: Write tests for your handlers. Kungfu.js makes this easy with the built-in test utilities.

Summary

In this chapter, you learned about crud: read in PHP. You saw code examples, understood how things work under the hood, and learned about common mistakes to avoid.

What is Next?

In chapter 25, we will cover CRUD: Update: Update rows by primary key.