DML语句预编译:
MysqLi:
<?php $mysqli = new mysqli("localhost","root","root","dbname"); $mysqli->query("set names utf8"); $sql = 'insert into user(id,name,age,email) values (?,?,?,?)'; $mysqli_stmt = $mysqli->prepare($sql); $id = 2; $name = 'kung'; $age = 28; $email = 'ohdas@163.com'; $mysqli_stmt->bind_param('isis',$id,$name,$age,$email); $res = $mysqli_stmt->execute(); if(!$res){ echo 'error'.$mysqli_stmt->error; exit; }else{ echo 'ok'; } $id = 3; $name = 'xiaoyu'; $age = 28; $email = 'kung-yu@163.com'; $mysqli_stmt->bind_param('isis',$id,$name,$age,$email); $res = $mysqli_stmt->execute(); if(!$res){ echo 'error'.mysqli_stmt->error; exit; }else{ echo 'ok'; } ?>
PDO:
<?php $dns = 'mysql:dbname=dbname;host=127.0.0.1'; $user = 'root'; $password = 'root'; try{ $pdo = new PDO($dns,$user,$password); } catch(PDOException $e){ echo $e->getMessage(); } $pdo->query("set names utf8"); $sql = 'inser into user values(:id,:name,:age,:email)'; $pdo_stmt = $pdo->prepare($sql); $id = 2; $name = 'kung'; $age = 27; $email = 'ohdas@163.com'; $pdo_stmt->bindParam(':id',$id); $pdo_stmt->bindParam(':name',$name); $pdo_stmt->bindParam(':age',$age); $pdo_stmt->bindParam(':email',$email); $pdo_stmt->execute(); ?>
mysqli:
<?php $mysqli = new mysqli("localhost","root","root","dbname"); $mysqli->query("set names utf8"); $sql = " select id,name from user where id > ?"; $mysqli_stmt = $mysqli->prepare($sql); $id = 1; $mysqli_stmt->bind_param('i',$id); $mysqli_stmt->bind_result($id,$name); $mysqli_stmt->execute(); while($mysqli_stmt->fetch()){ echo $id.'--'.$name; } $mysqli_stmt->close(); $mysqli->close(); ?>