本文实例讲述了PHP数据对象PDO操作技巧。分享给大家供大家参考,具体如下:PHP数据对象(
本文实例讲述了PHP数据对象PDO操作技巧。分享给大家供大家参考,具体如下:
PHP 数据对象 (PDO) 扩展为PHP访问数据库定义了一个轻量级的一致接口。
<?php
try {
$dsn = "mysql:host=localhost; port=3306; dbname=wsq_hotel; charset=utf-8";
$user = 'root';
$psw ='root';
$pdo = new PDO($dsn,$user,$psw);
$sql = 'select goods_prices from wsq_goods_info where goods_id=2';
// $sql = "show database";
$res = $pdo->query($sql) or var_dump($pdo->errorInfo());
// var_dump($res);
$mon = $res->fetch(PDO::FETCH_ASSOC);
echo $mon['goods_price'];
} catch (PDOException $e) {
echo $e->getMessage();
}
?>
PDO操作事务
//开启事务
beginTransacition()
//回滚
rollback()
//提交
commit()
//判断是否处于事务之中
inTransaction()
返回最后插入行的ID
PDO::lastInsertID()
exec()执行
与query()相比,exec()返回的是受影响行数
$sql = "insert into table values('$val')";
if(false===$pdo->exec($sql)){
echo '执行失败';
}
PDO实现预编译
指的是预先编译sql的结构的一种执行sql的语法
如果执行多条结构相同的sql,编译的中间结果(语法树)应该也是一致的,因此可以将相同的结构,统一编译,每次使用不同的数据执行即可。
编译统一的结构
$pdoStatement = $pdo->prepare(sql结构)
绑定数据到中间编译结果
$pdoStatement ->bindValue()
执行
$pdoStatement ->execute()
//$sql = "insert into table values(null,?)";
$sql = "insert into table values(null,:name)";
$stmt = $pdo->prepare($sql);
//多组数据也是一编译一执行
//$stmt->bindValue(1,'bee');
$stmt->bindValue(':name','bee');
$res = $stmt->execute();
var_dump($res);
预编译能更好地防止sql注入,是因为预编译时候不需要用户的数据参与,因此编译时结构固定,所以数据不影响到sql结构。
$pdo->query()与$pdo->execute()如果需要防止sql注入,可以使用$pdo->quote()(其作用是先转义后加引号)
PDOstatement常用方法:
errorInfo() errorCode() fetchColumn() fetch() fetchAll() rowCount() closeCursor()
pdo应用
<?php
header('content-type:text/html;charset=utf-8');
class PDODB{
static private $_init;
private $_host;
private $_port;
private $_dbname;
private $_username;
private $_password;
private $_charset;
private $_dns;
private $_pdo;
private function __construct($config){
$this->_initParamas($config);
$this->_initDNS();
$this->_initDriverOptions();
$this->_initPDO();
}
private function __clone(){}
static public function getInstance($config){
if(!static::$_init instanceof static){
static::$_init = new static($config);
}
return static::$_init;
}
private function _initParamas($config){
$this->_host = isset($config['host'])?$config['host']:'localhost';
$this->_port = isset($config['port'])?$config['port']:'3306';
$this->_dbname = isset($config['dbname'])?$config['dbname']:'';
$this->_username = isset($config['username'])?$config['username']:'root';
$this->_passward = isset($config['passward'])?$config['passward']:'';
$this->_charset = isset($config['charset'])?$config['charset']:'utf8';
}
private function _initDNS(){
$this->_dns = "mysql:host=$this->_host;port=$this->_port;dbname=$this->_dbname";
}
private function _initDriverOptions(){
$this->_driverOptions = array(
PDO::MYSQL_ATTR_INIT_COMMAND => "set names $this->_charset"
);
}
private function _initPDO(){
$this->_pdo = new PDO($this->_dns,$this->_username,$this->_passward,$this->_driverOptions) or die("fail");
}
public function query($sql){
if(!$result = $this->_pdo->query($sql)){
$erro = $this->_pdo->errorInfo();
echo '失败的语句'.$sql.'<br>';
echo '错误代码'.$erro[1].'<br>';
echo '错误信息'.$erro[2].'<br>';
die;
}
return $result;
}
public function fetchAll($sql){
$res = $this->query($sql);
$list = $res->fetchAll(PDO::FETCH_ASSOC);
$res->closeCursor();
return $list;
}
public function fetchRow($sql){
$res = $this->query($sql);
$row = $res->fetch(PDO::FETCH_ASSOC);
$res->closeCursor();
return $row;
}
public function fetchOne($sql){
$res = $this->query($sql);
$one = $res->fetchColumn();
$res->closeCursor();
return $one;
}
public function escape_string($data){
return $this->_pdo->quote($data);
}
}
$config = array(
"host"=>"localhost",
"username"=>"root",
"passward"=>"root",
"dbname"=>"students"
);
$pdo = PDODB::getInstance($config);
$sql = "select sdept from student where sage=21";
var_dump($pdo->fetchRow($sql));
?>
运行效果图如下:
