Pdo
- $pdo = new PDO ("Mysql:host=localhost;dbname=database", ' username ', ' password ');
MYSQLI, process-oriented approach
- $mysqli = Mysqli_connect (' localhost ', ' username ', ' password ', ' database ');
Mysqli, Object-oriented
- $mysqli = new mysqli (' localhost ', ' username ', ' password ', ' database ');
Copy Code3, the database support PDO support a variety of databases, but mysqli only support MySQL 4. Named parameter name Parameterpdo mode:
- $params = Array (': username ' = ' = ' Test ', ': email ' + $mail, ': last_login ' = time ()-3600);
- $pdo->prepare ('
- SELECT * from Users
- WHERE Username =: username
- and email =: Email
- and Last_login >: Last_login ');
Copy CodeAnd mysqli is troublesome point, do not support this, can only:
- $query = $mysqli->prepare ('
- SELECT * from Users
- where username =?
- and email =?
- and Last_login >? ');
- $query->bind_param (' sss ', ' Test ', $mail, Time ()-3600);
- $query->execute ();
Copy CodeIn this case, a question mark of the order, but also more troublesome, inconvenient. 5, ORM Mapping support for example, there is a class user, for example:
- Class User
- {
- public $id;
- Public $first _name;
- Public $last _name;
- Public Function info ()
- {
- Return ' # '. $this->id. ': ' . $this->first_name. ' ' . $this->last_name;
- }
- }
- $query = "SELECT ID, first_name, last_name from users";
- Pdo
- $result = $pdo->query ($query);
- $result->setfetchmode (pdo::fetch_class, ' User ');
- while ($user = $result->fetch ())
- {
- echo $user->info (). "\ n";
- }
Copy CodeMysqli in a process-oriented manner:
- if ($result = Mysqli_query ($mysqli, $query)) {
- while ($user = Mysqli_fetch_object ($result, ' user ')} {
- echo $user->info (). " \ n ";
- }
- }
Copy Code6, prevent SQL injection (PHP to prevent SQL injection method parsing): PDO manual Setup
- $username = pdo::quote ($_get[' username ');
- $pdo->query ("SELECT * from users where username = $username");
Copy CodeUsing mysqli:
- $username = mysqli_real_escape_string ($_get[' username ');
- $mysqli->query ("SELECT * from users where username = ' $username '");
Copy Code7, Preparestamentpdo Way:
- $pdo->prepare (' select * from users where Username =: username ');
- $pdo->execute (Array (': username ' = $_get[' username '));
Copy CodeMysqli Way:
- $query = $mysqli->prepare (' select * from users where username =? ');
- $query->bind_param (' s ', $_get[' username ');
- $query->execute ();
Copy Code |