Concept Flow - Raw expressions
Start Query Builder
Add Raw Expression
Raw SQL Injected
Execute Query
Get Results
This flow shows how Laravel's query builder accepts raw SQL expressions, injects them directly, and executes the query.
0
0
Raw expressions in Laravel - Step-by-Step Execution
Execution Sample
Laravel
$users = DB::table('users') ->select(DB::raw('count(*) as user_count')) ->whereRaw('age > ?', [25]) ->get();
This code builds a query using raw expressions to count users older than 25.
Execution Table
| Step | Action | Raw Expression Used | Query Part | Result |
|---|---|---|---|---|
| 1 | Start query builder on 'users' table | N/A | FROM users | Query builder ready |
| 2 | Add select with DB::raw('count(*) as user_count') | count(*) as user_count | SELECT count(*) as user_count | Select clause set |
| 3 | Add whereRaw('age > ?', [25]) | age > ? | WHERE age > 25 | Where clause set with parameter |
| 4 | Execute get() | N/A | Full SQL: SELECT count(*) as user_count FROM users WHERE age > 25 | Query executed, results fetched |
| 5 | Return results | N/A | N/A | Collection of results with user_count |
💡 Query executed and results returned, no more steps.
Variable Tracker
| Variable | Start | After Step 2 | After Step 3 | After Step 4 | Final |
|---|---|---|---|---|---|
| $users | undefined | Query builder instance with select raw | Query builder instance with whereRaw added | Executed query, results fetched | Collection with user_count |
Key Moments - 3 Insights
Why do we use DB::raw inside select()?
DB::raw tells Laravel to insert the SQL exactly as written without escaping or modifying it, as shown in step 2 of the execution_table.
How does whereRaw differ from where?
whereRaw allows writing raw SQL conditions with placeholders, which Laravel inserts directly, unlike where which builds conditions from parameters. See step 3 in execution_table.
Is it safe to use raw expressions?
Raw expressions can cause SQL injection if user input is not properly bound. Using parameter binding like in step 3 (age > ?) keeps it safe.
Visual Quiz - 3 Questions
Test your understanding
Look at the execution_table, what raw expression is used in step 2?
💡 Hint
Check the 'Raw Expression Used' column in step 2 of execution_table.
At which step is the parameter 25 bound to the query?
💡 Hint
Look at the 'Action' and 'Query Part' columns in step 3 of execution_table.
If we remove DB::raw from select(), what happens?
💡 Hint
Think about how Laravel treats strings in select() without DB::raw, referencing step 2.
Concept Snapshot
Laravel Raw Expressions: - Use DB::raw() to insert raw SQL in queries. - Use whereRaw() for raw WHERE clauses with bindings. - Bind parameters to avoid SQL injection. - Raw expressions bypass Laravel's query builder escaping. - Useful for complex SQL not supported by builder methods.
Full Transcript
This lesson shows how Laravel's query builder uses raw expressions to insert direct SQL snippets. The flow starts with building a query on the users table, then adds a raw select expression to count users. Next, a raw where clause filters users older than 25 with parameter binding. Finally, the query executes and returns results. Key points include using DB::raw to avoid escaping, whereRaw for raw conditions, and always binding parameters to keep queries safe. The execution table traces each step, showing how the raw SQL is integrated and executed.