func()

Safely injects SQL functions into insert(), update(), and other operations. This is the recommended way to use dynamic SQL expressions like NOW(), UUID(), or date math with INTERVAL.

Signature:

public function func(string $expression): array

Example: insert with NOW()

$data = [
  'username'    => 'demo_user',
  'created_at'  => $db->func('NOW()')
];

$db->insert('test_users', $data);

Example: update with INTERVAL

$db->where('id', 42);
$db->update('test_users', [
  'locked_until' => $db->func('NOW() + INTERVAL 1 DAY')
]);

Allowed expressions

NOW(), UUID(), CURDATE(), CURRENT_TIMESTAMP
Date math: created_at + INTERVAL 7 DAY, last_login - INTERVAL 15 MINUTE

Not allowed: Expressions like SLEEP(1), LOAD_FILE(), or complex nested SQL functions are blocked for security reasons.

Note: Invalid or unsafe expressions will throw an exception and automatically reset the query builder. This is by design.

Behind the scenes: This method wraps your input in the [F] placeholder and validates it against a strict whitelist via _secureValidateFunc().

decMuc/PDOdb

func()

Example: insert with NOW()

Example: update with INTERVAL

Allowed expressions

See Also