I just transferred to php. please help me write code for the segment database query class.

I just transferred to php. please help me write code for the segment database query class. Hello, I first switched to php and wanted to create a database operation class with a pdo connection, but I don't know how to call php, please give us some advice.
Class file coon. php content:

 Query ("set names UTF8"); $ dbh-> exec ("set names UTF8");} catch (Exception $ e) {echo 'data error :'. $ e-> getMessage () ;}/// close the database connection public function SQL _close () {$ dbh = null ;}// query the database public function my_query ($ SQL) {$ this-> SQL _open (); // $ this-> something = $ this-> dbh-> query ($ SQL ); // $ result = $ this-> something-> fetchAll (); // return $ result; how can I write it to return data? }}?>

Page call code:

 My_query ('select * FROM user_type order by user_id ') as $ row) {// here the query content is output cyclically} $ mysql-> SQL _close ();?>

I hope I can't figure it out in detail. I can't call all functions using asp or asp.net. I want to write a common function for querying, inserting, updating, and deleting data, the SQL statement that can be executed externally.

Reply to discussion (solution)

1 floor. Wait for a great answer!

$ This-> dbh = new PDO ($ dsn, $ user, $ pass );

Your my_query looks correct. open the lines in the comment. Try it first.

I finally got it done. I read a lot of code on the Internet, and the test failed countless times. The result was a general class of getting it out, inserting, deleting, and updating. could you please give me some advice on the disadvantages of doing so, will it affect performance. The parameterization in the next step is said to prevent SQL injection.

Conn. php content:

 Dsn, $ this-> user, $ this-> pass); $ dbh-> query ("set names UTF8"); return $ dbh-> query ($ SQL ); $ dbh = null;} catch (Exception $ e) {echo 'Error :'. $ e-> getMessage () ;}/// operation of a single piece of data (update, delete, or insert). No public function SQL _one ($ SQL) is returned) {try {$ dbh = new PDO ($ this-> dsn, $ this-> user, $ this-> pass ); $ dbh-> exec ("set names UTF8"); $ dbh-> exec ($ SQL); $ dbh = null;} catch (Exception $ e) {echo 'Error: '. $ e-> getMessage () ;}// operate multiple data records (update/delete). No result is returned. Public function SQL _more ($ SQL, $ str) {try {$ dbh = new PDO ($ this-> dsn, $ this-> user, $ this-> pass ); $ dbh-> exec ("set names UTF8"); foreach ($ str as $ arrs) {$ dbh-> exec ($ SQL. $ arrs) ;}$ dbh = null;} catch (Exception $ e) {echo 'Error :'. $ e-> getMessage () ;}}?>

Page call function:

Include 'Conn. php '; $ mysql = new my_ SQL; // you can select data FROM a single operation. $ mysql-> SQL _one ("DELETE FROM 'User _ type' WHERE 'user _ id' = ". $ _ REQUEST ['id']. ""); // read content $ aa = $ mysql-> SQL _select ('select * FROM user_type order by user_id '); foreach ($ aa as $ row) {// echo of the output content''; Echo''. $ Row ['User _ id'].''. $ Row ['User _ name'].''. $ Row ['User _ real_name'].''. $ Row ['User _ sex'].''. $ Row ['User _ tel'].''. $ Row ['User _ QQ'].''. $ Row ['User _ address'].''. $ Row ['User _ email'].'Delete'; Echo'';} // Operate multiple data records $ id = $ _ POST ['delall']; if (isset ($ id )) {$ mysql-> SQL _more ("DELETE FROM 'User _ type' WHERE 'user _ id' =", $ id );}

The above operation methods and ideas follow the habit of asp.net development. I don't know if it is practical in php Development. I hope you can give me some advice.

You cannot prevent injection. PDO: prepare is required for Injection Prevention.

 prepare('SELECT name, colour, calories    FROM fruit    WHERE calories < ? AND colour = ?');$sth->execute(array(150, 'red'));$red = $sth->fetchAll();$sth->execute(array(175, 'yellow'));$yellow = $sth->fetchAll();?>

You cannot prevent injection. PDO: prepare is required for Injection Prevention.

 prepare('SELECT name, colour, calories    FROM fruit    WHERE calories < ? AND colour = ?');$sth->execute(array(150, 'red'));$red = $sth->fetchAll();$sth->execute(array(175, 'yellow'));$yellow = $sth->fetchAll();?>

I will get the method you mentioned, parameterized query