Home > Others

[Knowledge] PDO knowledge

Source: Internet
Author: User
Tags sql injection attack
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

Auto: http://apps.hi.baidu.com/share/detail/50250843#content

Example 1654. Connecting to MySQL
<? PHP
$ DBH = new PDO ('mysql: host = localhost; dbname = test', $ user, $ pass );
?>   Example 1655. Handling connection errors
<? PHP
Try {
$ DBH = new PDO ('mysql: host = localhost; dbname = test', $ user, $ pass );
Foreach ($ DBH-> query ('select * From foo') as $ row ){
Print_r ($ row );
}
$ DBH = NULL;
} Catch (pdoexception $ e ){
Print "error! : ". $ E-> getmessage ()." <br/> ";
Die ();
}
?>   Example 1656. Closing a connection
<? PHP
$ DBH = new PDO ('mysql: host = localhost; dbname = test', $ user, $ pass );
// Use the connection here

// And now we're re done; close it
$ DBH = NULL;
?> Example 1657. Persistent connections
<? PHP
$ DBH = new PDO ('mysql: host = localhost; dbname = test', $ user, $ pass, array (
PDO: attr_persistent => true
));
?>   Example 1658. Executing a batch in a transaction
<? PHP
Try {
$ DBH = new PDO ('odbc: sample', 'db2inst1', 'ibmdb ',
Array (PDO: attr_persistent => true ));
Echo "connected \ n ";
$ DBH-> setattribute (PDO: attr_errmode, PDO: errmode_exception );
$ DBH-> begintransaction ();
$ DBH-> exec ("insert into staff (ID, first, last) values (23, 'job', 'bloggs ')");
$ DBH-> exec ("insert into salarychange (ID, amount, changedate)
Values (23,500 00, now ())");
$ DBH-> commit ();

} Catch (exception $ e ){
$ DBH-> rollback ();
Echo "failed:". $ e-> getmessage ();
}
?> Sample 1659. Repeated inserts using prepared statements
This example performs an insert query by substituting a name and a value for the named placeholders.
<? PHP
$ Stmt = $ DBH-> prepare ("insert into registry (name, value) values (: name,: Value )");
$ Stmt-> bindparam (': name', $ name );
$ Stmt-> bindparam (': value', $ value );
// Insert one row
$ Name = 'one ';
$ Value = 1;
$ Stmt-> execute ();
// Insert another row with different values
$ Name = 'two ';
$ Value = 2;
$ Stmt-> execute ();
?>     Sample 1660. Repeated inserts using prepared statements
This example performs an insert query by substituting a name and a value for the positional? Placeholders.
<? PHP
$ Stmt = $ DBH-> prepare ("insert into registry (name, value) values (?, ?) ");
$ Stmt-> bindparam (1, $ name );
$ Stmt-> bindparam (2, $ value );
// Insert one row
$ Name = 'one ';
$ Value = 1;
$ Stmt-> execute ();
// Insert another row with different values
$ Name = 'two ';
$ Value = 2;
$ Stmt-> execute ();
?>   Example 1661. Fetching data using prepared statements
This example fetches data based on a key value supplied by a form. The user input is automatically quoted, so there is no risk of a SQL injection attack.
<? PHP
$ Stmt = $ DBH-> prepare ("select * from registry where name =? ");
If ($ stmt-> execute (Array ($ _ Get ['name']) {
While ($ ROW = $ stmt-> fetch ()){
Print_r ($ row );
}
}
?>     Sample 1662. Calling a stored procedure with an output parameter
<? PHP
$ Stmt = $ DBH-> prepare ("Call sp_returns_string (?) ");
$ Stmt-> bindparam (1, $ return_value, PDO: param_str, 4000 );
// Call the Stored Procedure
$ Stmt-> execute ();
Print "procedure returned $ return_value \ n ";
?>   For example, 1663. Calling a stored procedure with an input/output parameter
<? PHP
$ Stmt = $ DBH-> prepare ("Call sp_takes_string_returns_string (?) ");
$ Value = 'hello ';
$ Stmt-& gt; bindparam (1, $ value, PDO: param_str | PDO: param_input_output, 4000 );
// Call the Stored Procedure
$ Stmt-> execute ();
Print "procedure returned $ value \ n ";
?>

Example 1664. Invalid use of placeholder
<? PHP
$ Stmt = $ DBH-> prepare ("select * from registry where name like '%? % '");
$ Stmt-> execute (Array ($ _ Get ['name']);
// Placeholder must be used in the place of the whole value
$ Stmt = $ DBH-> prepare ("select * from registry where name like? ");
$ Stmt-> execute (Array ("% $ _ Get [name] % "));
?>   Example 1665. displaying an image from a database
This example binds the LOB into the variable named $ lob and then sends it to the browser using fpassthru (). since the lob is represented as a stream, functions such as fgets (), fread () and stream_get_contents () can be used on it.
<? PHP
$ Db = new PDO ('odbc: sample', 'db2inst1', 'ibmdb ');
$ Stmt = $ db-> prepare ("select contenttype, imagedata from images where id =? ");
$ Stmt-> execute (Array ($ _ Get ['id']);
$ Stmt-> bindcolumn (1, $ type, PDO: param_str, 256 );
$ Stmt-> bindcolumn (2, $ lob, PDO: param_lob );
$ Stmt-> fetch (PDO: fetch_bound );
Header ("Content-Type: $ type ");
Fpassthru ($ LOB );
?>

For example, 1666. inserting an image into a database
This example opens up a file and passes the file handle to PDO to insert it as a lob. PDO will do its best to get the contents of the file up to the database in the most efficient manner possible.
<? PHP
$ Db = new PDO ('odbc: sample', 'db2inst1', 'ibmdb ');
$ Stmt = $ db-> prepare ("insert into images (ID, contenttype, imagedata) values (?, ?, ?) ");
$ Id = get_new_id (); // some function to allocate a new ID
// Assume that we are running as part of a file upload form
// You can find more information in the PHP documentation
$ Fp = fopen ($ _ FILES ['file'] ['tmp _ name'], 'rb ');
$ Stmt-> bindparam (1, $ id );
$ Stmt-> bindparam (2, $ _ FILES ['file'] ['type']);
$ Stmt-> bindparam (3, $ FP, PDO: param_lob );
$ Db-> begintransaction ();
$ Stmt-> execute ();
$ Db-> commit ();
?>

For example, 1667. inserting an image into a database: Oracle
Oracle requires a slightly different syntax for inserting a lob from a file. it's also essential that you perform the insert under a transaction, otherwise your newly inserted lob will be committed with a zero-length as part of the implicit commit that happens when the query is executed:
<? PHP
$ Db = new PDO ('oss: ', 'Scott', 'tiger ');
$ Stmt = $ db-> prepare ("insert into images (ID, contenttype, imagedata )".
"Values (?, ?, Empty_blob () Returning imagedata? ");
$ Id = get_new_id (); // some function to allocate a new ID
// Assume that we are running as part of a file upload form
// You can find more information in the PHP documentation
$ Fp = fopen ($ _ FILES ['file'] ['tmp _ name'], 'rb ');
$ Stmt-> bindparam (1, $ id );
$ Stmt-> bindparam (2, $ _ FILES ['file'] ['type']);
$ Stmt-> bindparam (3, $ FP, PDO: param_lob );
$ Stmt-> begintransaction ();
$ Stmt-> execute ();
$ Stmt-> commit ();
?>   Example 1668. The pdoexception class
<? PHP
Class pdoexception extends exception
{
Public $ errorinfo = NULL; // corresponds to PDO: errorinfo ()
// Or pdostatement: errorinfo ()
Protected $ message; // textual error message
// Use exception: getmessage () to access it
Protected $ code; // sqlstate error code
// Use exception: getcode () to access it
}
?> Example 1669. Using PDO: attr_driver_name
<? PHP
If ($ db-> getattribute (PDO: attr_driver_name) = 'mysql '){
Echo "running on MySQL; doing something MySQL specific here \ n ";
}
?> Additional information: Http://www.cnblogs.com/aspxphpjsprb/archive/2010/05/01/1725467.html

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
microsoft knowledge knowledge adventure knowledge database joomla knowledge base backblaze zero knowledge pmbok body of knowledge apc knowledge base

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More