PHP之PDO

PHP 数据对象 （PDO） 扩展为PHP访问数据库定义了一个轻量级的一致接口。

<?php try { $dsn = "mysql:host=localhost; port=3306; dbname=wsq_hotel; charset=utf-8"; $user = 'root'; $psw ='root'; $pdo = new PDO($dsn,$user,$psw); $sql = 'select goods_prices from wsq_goods_info where goods_id=2'; // $sql = "show database"; $res = $pdo->query($sql) or var_dump($pdo->errorInfo()); // var_dump($res); $mon = $res->fetch(PDO::FETCH_ASSOC); echo $mon['goods_price']; } catch (PDOException $e) { echo $e->getMessage(); } ?>

PDO操作事务

//开启事务
beginTransacition()
//回滚
rollback()
//提交
commit()
//判断是否处于事务之中
inTransaction()

返回最后插入行的ID
PDO::lastInsertID()

<

exec()执行
与query()相比，exec()返回的是受影响行数

$sql = "insert into table values('$val')";
if(false===$pdo->exec($sql)){
    echo '执行失败';
}

PDO实现预编译

指的是预先编译sql的结构的一种执行sql的语法
如果执行多条结构相同的sql，编译的中间结果（语法树）应该也是一致的，因此可以将相同的结构，统一编译，每次使用不同的数据执行即可。

• 编译统一的结构
  $pdoStatement = $pdo->prepare(sql结构)
• 绑定数据到中间编译结果
  $pdoStatement ->bindValue()
• 执行
  $pdoStatement ->execute()

//$sql = "insert into table values(null,?)";
$sql = "insert into table values(null,:name)";

$stmt = $pdo->prepare($sql);
//多组数据也是一编译一执行
//$stmt->bindValue(1,'bee');
$stmt->bindValue(':name','bee');

$res = $stmt->execute();
var_dump($res);

预编译能更好地防止sql注入，是因为预编译时候不需要用户的数据参与，因此编译时结构固定，所以数据不影响到sql结构。
$pdo->query()与$pdo->execute()如果需要防止sql注入，可以使用$pdo->quote()(其作用是先转义后加引号)

• PDOstatement常用方法
  errorInfo()
  errorCode()
  fetchColumn()
  fetch()
  fetchAll()
  rowCount()
  closeCursor()

pdo应用

<?php
header('content-type:text/html;charset=utf-8');
    class PDODB{
        static private $_init;
        private $_host;
        private $_port;
        private $_dbname;
        private $_username;
        private $_password;
        private $_charset;
        private $_dns;
        private $_pdo;

        private function __construct($config){
            $this->_initParamas($config);
            $this->_initDNS();
            $this->_initDriverOptions();
            $this->_initPDO();
        }
        private function __clone(){}

        static public function getInstance($config){
            if(!static::$_init instanceof static){
                static::$_init = new static($config);
            }
            return static::$_init;
        }

        private function _initParamas($config){
            $this->_host = isset($config['host'])?$config['host']:'localhost';
            $this->_port = isset($config['port'])?$config['port']:'3306';
            $this->_dbname = isset($config['dbname'])?$config['dbname']:'';
            $this->_username = isset($config['username'])?$config['username']:'root';
            $this->_passward = isset($config['passward'])?$config['passward']:'';
            $this->_charset = isset($config['charset'])?$config['charset']:'utf8';
        }
        private function _initDNS(){
            $this->_dns = "mysql:host=$this->_host;port=$this->_port;dbname=$this->_dbname";
        }
        private function _initDriverOptions(){
            $this->_driverOptions = array(
                PDO::MYSQL_ATTR_INIT_COMMAND => "set names $this->_charset"
            );
        }
        private function _initPDO(){
            $this->_pdo = new PDO($this->_dns,$this->_username,$this->_passward,$this->_driverOptions) or die("fail");
        }

        public function query($sql){
            if(!$result = $this->_pdo->query($sql)){
                $erro = $this->_pdo->errorInfo();
                echo '失败的语句'.$sql.'<br>';
                echo '错误代码'.$erro[1].'<br>';
                echo '错误信息'.$erro[2].'<br>';
                die;
            }
            return $result;
        }

        public function fetchAll($sql){
            $res = $this->query($sql);
            $list = $res->fetchAll(PDO::FETCH_ASSOC);
            $res->closeCursor();
            return $list;
        }
        public function fetchRow($sql){
            $res = $this->query($sql);
            $row = $res->fetch(PDO::FETCH_ASSOC);
            $res->closeCursor();
            return $row;
        }
        public function fetchOne($sql){
            $res = $this->query($sql);
            $one = $res->fetchColumn();
            $res->closeCursor();
            return $one;
        }
        public function escape_string($data){
            return $this->_pdo->quote($data);
        }
    }
    $config = array(
        "host"=>"localhost",
        "username"=>"root",
        "passward"=>"root",
        "dbname"=>"students"
    );
    $pdo = PDODB::getInstance($config);
    $sql = "select sdept from student where sage=21";
    var_dump($pdo->fetchRow($sql));
?>