這篇文章主要介紹了MySQL中預處理語句prepare、execute與deallocate的使用教程,需要的朋友可以參考下
MySQL官方將prepare、execute、deallocate統稱為PREPARE STATEMENT。
我習慣稱之為【預處理語句】。
其用法十分簡單,
PREPARE stmt_name FROM preparable_stmt EXECUTE stmt_name [USING @var_name [, @var_name] ...] - {DEALLOCATE | DROP} PREPARE stmt_name
#舉個栗子:
##
mysql> PREPARE pr1 FROM 'SELECT ?+?'; Query OK, 0 rows affected (0.01 sec) Statement prepared mysql> SET @a=1, @b=10 ; Query OK, 0 rows affected (0.00 sec) mysql> EXECUTE pr1 USING @a, @b; +------+ | ?+? | +------+ | 11 | +------+ 1 row in set (0.00 sec) mysql> EXECUTE pr1 USING 1, 2; -- 只能使用用户变量传递。 ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '1, 2' at line 1 mysql> DEALLOCATE PREPARE pr1; Query OK, 0 rows affected (0.00 sec)
例如用於執行帶有WHERE條件的SELECT和DELETE,或者UPDATE,或者INSERT,只需要每次修改變數值即可。
同樣可以防止SQL注入,參數值可以包含轉義符和定界符。
mysql> CREATE TABLE a (a int); Query OK, 0 rows affected (0.26 sec) mysql> INSERT INTO a SELECT 1; Query OK, 1 row affected (0.04 sec) Records: 1 Duplicates: 0 Warnings: 0 mysql> INSERT INTO a SELECT 2; Query OK, 1 row affected (0.04 sec) Records: 1 Duplicates: 0 Warnings: 0 mysql> INSERT INTO a SELECT 3; Query OK, 1 row affected (0.04 sec) Records: 1 Duplicates: 0 Warnings: 0 mysql> SET @select_test = CONCAT('SELECT * FROM ', @table_name); Query OK, 0 rows affected (0.00 sec) mysql> SET @table_name = 'a'; Query OK, 0 rows affected (0.00 sec) mysql> PREPARE pr2 FROM @select_test; Query OK, 0 rows affected (0.00 sec) Statement prepared mysql> EXECUTE pr2 ; +------+ | a | +------+ | 1 | | 2 | | 3 | +------+ 3 rows in set (0.00 sec) mysql> DROP PREPARE pr2; -- 此处DROP可以替代DEALLOCATE Query OK, 0 rows affected (0.00 sec)
以上是MySQL中prepare與execute以及deallocate預處理語句的使用教學課程的詳細內容。更多資訊請關注PHP中文網其他相關文章!