How to write a SQL-safe query using the quoteInto() method in Magento 2?

Using the quoteInto() method, you can write a query the standard Magento way with an SQL-safe quoted value.

Return type: quoteInto() always returns a string with the SQL-safe quoted value placed into the original text.

The quoteInto() method is used in direct SQL queries to safely quote the values in SQL conditions.

Base Definition:

/**
 * @param string $text The text with a placeholder.
 * @param mixed $value The value to quote.
 * @param string $type OPTIONAL SQL datatype
 * @param integer $count OPTIONAL count of placeholders to replace
 * @return string An SQL-safe quoted value placed into the original text.
 */
public function quoteInto($text, $value, $type = null, $count = null);

  • The quoteInto() method is mostly seen inside direct SQL queries with conditional statements.

It quotes a value and places it into a piece of text at a placeholder. The placeholder is a question mark; all placeholders will be replaced with the quoted value.

Example: deleting an entry from the core_config_data table with the direct query method delete():

<?php
namespace Path\To\Class;

use Magento\Framework\App\ResourceConnection;

class UseQuoteInto {

    const CORE_CONFIG_TABLE = 'core_config_data';

    /**
     * @var ResourceConnection
     */
    private $resourceConnection;

    public function __construct(
       ResourceConnection $resourceConnection
    ) {
       $this->resourceConnection = $resourceConnection;
    }

    /**
     * Delete CoreConfig Entry Query
     *
     * @return $this
     */
    public function deleteCoreConfigEntry()
    {
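        $connection = $this->resourceConnection->getConnection();
        // Resolve the name through ResourceConnection so a configured table prefix is applied
        $tableName = $this->resourceConnection->getTableName(self::CORE_CONFIG_TABLE);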

        $path = "pathname";
        $scope = "store";
        $scopeId = 1;

        $connection->delete(
            $tableName,
            [
                $connection->quoteInto('path = ?', $path),
                $connection->quoteInto('scope = ?', $scope),
                $connection->quoteInto('scope_id = ?', $scopeId)
            ]
        );
        return $this;
    }
}

In this way, you can use the quoteInto() method to place SQL-safe quoted values into the text of a query.
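The same delete applied to caller-supplied input, as an added example that is not code from the original page: quoteInto() quotes values only, so the scope is checked against an allow-list, the IDs are cast to integers, and an array value fills an IN (?) list. The namespace, class name, method name and allow-list are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

namespace Vendor\Module\Model; // hypothetical namespace

use Magento\Framework\App\ResourceConnection;

class ConfigCleaner // hypothetical class name
{
    private const ALLOWED_SCOPES = ['default', 'websites', 'stores']; // assumed allow-list

    private ResourceConnection $resourceConnection;

    public function __construct(ResourceConnection $resourceConnection)
    {
        $this->resourceConnection = $resourceConnection;
    }

    /** Delete the rows for one path across several scope IDs; returns the row count. */
    public function deleteByPath(string $path, string $scope, array $scopeIds): int
    {
        // Reject values outside the known set instead of relying on quoting alone.
        if (!in_array($scope, self::ALLOWED_SCOPES, true)) {
            throw new \InvalidArgumentException('Unknown scope');
        }
        // Force every ID to an integer and drop duplicates.
        $scopeIds = array_values(array_unique(array_map('intval', $scopeIds)));
        if ($scopeIds === []) {
            return 0; // nothing to match, so no query is built
        }

        $connection = $this->resourceConnection->getConnection();
        // ResourceConnection applies the configured table prefix.
        $table = $this->resourceConnection->getTableName('core_config_data');

        // Unsafe form, for contrast: "path = '" . $path . "'" puts raw input into the SQL text.
        $where = [
            $connection->quoteInto('path = ?', $path),
            $connection->quoteInto('scope = ?', $scope),
            // An array value is quoted item by item and joined with commas.
            $connection->quoteInto('scope_id IN (?)', $scopeIds),
        ];

        return (int) $connection->delete($table, $where);
    }
}
```

Because every question mark in the text is replaced, keep literal question marks out of the condition string or limit the replacement with the $count parameter.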