Community Learn Tools Library Leisure
search
English
Home > List of blog posts > CURD 操作,PDO 本质\原理,使用预处理的原因
Blogger Information
Blog 33
fans 0
comment 0
visits 17022
Special Recommendation
More>
Related recommendations
Popular Tutorials
More>
Related Tutorials
Popular Recommendations
Latest courses
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template
CURD 操作,PDO 本质\原理,使用预处理的原因
lucaslwk
Original
619 people have browsed it

CURD 操作,PDO 本质\原理,使用预处理的原因

CURD 操作

curd

  1. <?php
  3. namespace pdo;
  5. //连接数据库
  6. require __DIR__ . '/config/connect.php';
  9. //插入 INSERT 表名 SET 字段1=值1,字段2=值2,...
  10. //?关键字全大写,表名字段名使用`反引号
  11. $sqlInsert = 'INSERT `staff` SET `name`=?,`gender`=?,`email`=?';
  12. //* '?'匿名占位符,':字段名'命名占位符
  13. //* $sqlInsert = 'INSERT `staff` SET `name`=:name,`gender`=:gender,`email`=:email';
  15. //创建SQL语句模板对象
  16. $stmt = $db->prepare($sqlInsert);
  18. $stmt->execute(['张三', '1', 'z3@qq.com']);
  19. $stmt->execute(['李四', '0', 'l4@qq.com']);
  20. $stmt->execute(['王五', '1', 'w5@qq.com']);
  21. $stmt->execute(['赵六', '0', 'z6@qq.com']);
  22. // *若条件来自于外部例如url中的get参数
  23. //* $stmt->execute([':id'=?$_GET['id'],':gender'=?$_GET['gender'],':email'=?$_GET['email']]);
  24. include __DIR__ . '/check.php';
  26. //更新 UPDATE 表名 SET 字段1=值1,字段2=值2,... WHERE 更新条件
  27. $sqlUpdate = 'UPDATE `staff` SET `name`=? WHERE `id`=?';
  29. $stmt = $db->prepare($sqlUpdate);
  31. $stmt->execute(['王三', '3']);
  33. include __DIR__ . '/check.php';
  35. //删除 DELETE FROM 表名 WHERE 删除条件
  37. $sqlUpdate = 'DELETE FROM `staff` WHERE `id`=?';
  39. $stmt = $db->prepare($sqlUpdate);
  41. $stmt->execute(['3']);
  43. include __DIR__ . '/check.php';
  45. //查询 SELECT 字段列表 FROM 表名 WHERE 查询条件
  47. $sqlUpdate = 'SELECT * FROM `staff` WHERE `id`<=?';
  49. $stmt = $db->prepare($sqlUpdate);
  51. $stmt->execute(['10']);
  53. include __DIR__ . '/check.php';
  55. //?单次查询
  56. //FETCH默认会返回关联和索引两部分
  57. //方法一:$stmt->fetch(PDO::FETCH_ASSOC) PDO::FETCH_ASSOC只取关联部分
  58. printf('<pre>%s</pre>', print_r($stmt->fetch(), true));
  60. //extract($stmt->fetch());
  61. //echo "$id,$name,$gender,$email";
  63. //?多条查询
  65. //printf('<pre>%s</pre>', print_r($stmt->fetchAll(), true));
  66. foreach ($stmt->fetchAll() as $key) {
  67.    extract($key);
  68.    if ($gender === '1') {
  69.       $gender = '男';
  70.    } else $gender = '女';
  71.    echo "$id---$name---$gender---$email<br>";
  72.    //printf('<pre>%s</pre>', print_r($key, true));
  73. }

PDO 本质\原理

  1. PDO本质是一个包含对数据库相关操作的类
  2. PDO原理是创建一个实例对象,然后调用类中的相关方法对选中的数据库进行操作

使用预处理的原因

  1. 预处理:可以防止sql注入攻击,可以实现数据延迟绑定
Correcting teacher:PHPzPHPz

Correction status:qualified

Teacher's comments:
Statement of this Website
The copyright of this blog article belongs to the blogger. Please specify the address when reprinting! If there is any infringement or violation of the law, please contact admin@php.cn Report processing!
All comments Speak rationally on civilized internet, please comply with News Comment Service Agreement
0 comments
Author's latest blog post