Introduced
Today, php5.1.* and php5.2.* are found to be different when the database precompiled code executes.
Pre-compiling benefits
1. Use placeholders to avoid entering data verbatim into SQL. Automatically handles the escape of characters such as quotes and backslashes--increases security.
2. "Prepare" a statement in advance, and then bind different values at each execution to achieve reuse. -often used for statements that are executed more than once.
3. Strong readability.
Code
The database connection code is the same.
Copy Code code as follows:
$protol = ' mysql:host=localhost;dbname=test ';
$username = ' Monty ';
$passwd = ' 0818 ';
$DBH = new PDO ($protol, $username, $passwd);
Here are some tests. Note the SQL and for or foreach statements inside!
Test 1 (bound with a key value)
Copy Code code as follows:
$stmt = $dbh->prepare (' select * from t1 where Name=:name ');
$params = Array ();
$params [' name '] = ' Rentao ';
foreach ($params as $k => $v) {
$stmt->bindparam ($k, $v);
}
$stmt->execute ();
$item = Array ();
while ($row = $stmt->fetch (PDO::FETCH_ASSOC)) {
Var_dump ($row);
}
$stmt = null;
$DBH = null;
Conclusion:
PHP 5.1.* |
PHP 5.2.* |
Perform normal |
Perform normal |
$params [' name '] = ' Rentao ' and $params[': Name ']= ' Rentao ' can be executed, stating that it is not subject to the ":" Restriction. |
Test 2 (the number subscript to bind, but the starting parameter of the binding is 1)--": Key" on the php5.2.* can not be bound with the digital subscript
Copy Code code as follows:
$stmt = $dbh->prepare (' select * from t1 where name=:name limit 2 ');
$params = Array ();
$params [] = ' rentao ';//This does not add ":" Can be successfully executed
For ($i =0, $iLen = count ($params); $i < $iLen; $i + +) {
$k = $i +1;
$stmt->bindparam ($k, $params [$i]);
}
echo "here1\n";
$stmt->execute ();
echo "here2\n";
$item = Array ();
while ($row = $stmt->fetch (PDO::FETCH_ASSOC)) {
Var_dump ($row);
}
$stmt = null;
$DBH = null;
Conclusion:
PHP 5.1.* |
PHP 5.2.* |
Perform normal |
Error occurred: "PHP Warning:pdostatement::execute (): sqlstate[hy093]: Invalid parameter number:parameter is not defined" |
If you change ": Name" to "?", then two versions can be successfully carried out. |
You cannot use both symbols at the same time. such as SELECT * from T2 where name=. Limit :p Age |
Test 3 (Limit binding: page)
Copy Code code as follows:
$stmt = $dbh->prepare (' select * T2 where name=:name limit:p age ');
$params = Array ();
$params [' name '] = ' rentao ';//This does not add ":" Can be successfully executed
$params [' page '] = 2;
foreach ($params as $k => $v) {
$stmt->bindparam ($k, $v);
}
$stmt->execute ();
echo "here1\n";
$item = Array ();
while ($row = $stmt->fetch (PDO::FETCH_ASSOC)) {
Var_dump ($row);
}
echo "here2\n";
$stmt = null;
$DBH = null;
Conclusion:
PHP 5.1.* |
PHP 5.2.* |
The process is in a wait state while executing to $stmt->execute () |
Performing normally: no results are printed |
Test 4 (pre-compiled under limit: page)--use "? "Mechanism runs
Copy Code code as follows:
$stmt = $dbh->prepare (' select * from T2 where name=? limit? ');
$params = Array ();
$params [] = ' Rentao ';
$params [] = 2;
For ($i =0, $iLen = count ($params); $i < $iLen; $i + +) {
$k = $i +1;
$stmt->bindparam ($k, $params [$i]);
}
$stmt->execute ();
$item = Array ();
while ($row = $stmt->fetch (PDO::FETCH_ASSOC)) {
Var_dump ($row);
}
$stmt = null;
$DBH = null;
PHP 5.1.* |
PHP 5.2.* |
Perform normal |
Performing normally: no results are printed |
Test 5---ORDER BY)
PHP 5.1.* |
PHP 5.2.* |
Print out results, but not sorted by order |
Performing normally: no results are printed |
Summary
PHP in the use of PDO do database precompiled operations, as far as possible to avoid the use of limit, order by, the group by doing precompiled processing. Binding variables We try to use uniform standards, otherwise we use "? ", otherwise use": Key ".
Useful command, I tested in php5.1.*, and I passed the SCP to the php5.2.* server.
Copy Code code as follows:
scp-p9888 index.php Rentao@192.168.10.4:/home/rentao