The method will properly escape the column names and bind the values to be updated.
public update ( string $table, array $columns, array | string $condition = '', array $params = [] ) | ||
$table | string | the table to be updated. |
$columns | array | the column data (name => value) to be updated. |
$condition | array | string | the conditions that will be put in the WHERE part. Please refer to [[Query::where()]] on how to specify conditions. |
$params | array | the parameters to be bound to the query. |