PDO access Mode operations database

MYSQLI is specifically accessing the MySQL database and cannot access other databases. PDO can access a variety of databases, which combine the operations classes together to create a data access abstraction layer, which is the PDO, the database corresponding to the class operation. Mysqli is a class, and PDO is a class, except that the PDO class is more powerful.

Features of PDO
1. Access to different databases
2. Bring your own transaction functionality. A transaction is the execution of several SQL statements at the same time, but if 1 of the statements are wrong and cannot be executed, then all of them fail.
3. Prevent SQL injection attacks.

1. Accessing different databases

The following code is to access the MySQL database, if access to other databases, only need to change the database in the object to drive MySQL, switch to other database driver.

<!DOCTYPE HTML Public "-//W3C//DTD XHTML 1.0 transitional//en" "http://www.w3.org/TR/xhtml1/DTD/ Xhtml1-transitional.dtd "><HTMLxmlns= "http://www.w3.org/1999/xhtml"><Head><Metahttp-equiv= "Content-type"content= "text/html; charset=utf-8" /><title>Untitled Document</title></Head><Body>

<?PHP//the use of PDO//1. Build Objects$dsn= "Mysql:dbname=text1;host=localhost";//MySQL refers to the MySQL database driver name, plus a colon, followed by the name of the database. Host is the server's address, which is localhost. If you want to use a different database, change the driver name of the database. You can find it from the PHP manual. The driver of the writing must be the driver of a good environment. You can enter server address localhost to find supported database drivers in the browser address bar. $pdo=NewPDO ($dsn, "Root", "666");//parameters: 1. server address 2. Name of the database 3. Server password//write SQL statement$sql= "Update Nation set Name= ' orc ' where code= ' n003 '";//Execute SQL statement//$r = $pdo->exec ($sql);//Returns the number of affected bars?>

</ Body > </ HTML >

2. Transaction function

<!DOCTYPE HTML Public "-//W3C//DTD XHTML 1.0 transitional//en" "http://www.w3.org/TR/xhtml1/DTD/ Xhtml1-transitional.dtd "><HTMLxmlns= "http://www.w3.org/1999/xhtml"><Head><Metahttp-equiv= "Content-type"content= "text/html; charset=utf-8" /><title>Untitled Document</title></Head><Body>

<?PHP//1. Building Objects$dsn= "Mysql:dbname=text1;host=localhost";$pdo=NewPDO ($dsn, "Root", "666");//set the exception mode, if you blow your mistake, throw an exception. 2 parameters do not enclose a double quotation mark. $pdo->setattribute (pdo::attr_errmode,pdo::errmode_exception);//Write SQL statements$sql 1= "INSERT into nation values (' Noo5 ', ' Terran ')";$sql 2= "INSERT into nation values (' Noo6 ', ' elf Clan ')";//Execute 2 SQL statementsTry//try represents plus transaction{    $pdo->begintransaction ();//Start a transaction        $pdo-exec($sql 1); $pdo-exec($sql 2); $pdo->commit ();//Commit a transaction}Catch(pdoexception$e)//catch the exception that appears. $e represents the caught exception, and the exception is stored inside the $e. {    //$e->getmessage ();//Get the error message.     $pdo->rollback ();//Rollback , if an error occurs in one place, before returning to the overall operation. }?>

</ Body > </ HTML >

3. Prevent injection

(1) How to occupy the position?

<!DOCTYPE HTML Public "-//W3C//DTD XHTML 1.0 transitional//en" "http://www.w3.org/TR/xhtml1/DTD/ Xhtml1-transitional.dtd "><HTMLxmlns= "http://www.w3.org/1999/xhtml"><Head><Metahttp-equiv= "Content-type"content= "text/html; charset=utf-8" /><title>Untitled Document</title></Head><Body>

<?PHP//prevent SQL injection//1. Build Objects$dsn= "Mysql:dbname=text1;host=localhost";$pdo=NewPDO ($dsn, "Root", "666");//Write SQL statements, preprocessing statements. $sql= "INSERT into nation values (?,?)";//the variable is not written first, use it to occupy position. Let's send this statement to the past. Prepares the SQL statement to return the statement object. $st=$pdo->prepare ($sql);/*//Bind parameter $st->bindparam (1, $code);//index starting from 1. $st->bindparam (2, $name); $code = "n002";//You can also assign a value in front. $name = "Dwarf clan";//Commit execution $st->execute ();//Call this method to execute, the parentheses do not have to give the SQL statement, the SQL statement has passed. */$attr=Array("n007", "Demon Clan");//create an array in which to correspond with the added content. These 2 lines are equivalent to the 4 lines of the/**/tag above. Submit Execution$st->execute ($attr);//Put the array directly inside the execution. Pretreatment in use? placeholder, give the array the time to give the index array, and the contents of the array should correspond with the content to be added. ?>

</ Body > </ HTML >

(2) The placeholder mode is name

<!DOCTYPE HTML Public "-//W3C//DTD XHTML 1.0 transitional//en" "http://www.w3.org/TR/xhtml1/DTD/ Xhtml1-transitional.dtd "><HTMLxmlns= "http://www.w3.org/1999/xhtml"><Head><Metahttp-equiv= "Content-type"content= "text/html; charset=utf-8" /><title>Untitled Document</title></Head><Body>

<?PHP//prevent SQL injection//1. Build Objects$dsn= "Mysql:dbname=text1;host=localhost";$pdo=NewPDO ($dsn, "Root", "666");//Write SQL statements, preprocessing statements. Use the name placeholder. $sql= "INSERT into nation values (: Code,:name)";//preceded by a colon, no colon will be treated as a normal variable//ready to execute$st=$pdo->prepare ($sql);/*//Bind parameter $st->bindparam (": Code", $code, PDO::P aram_str);//pdo::P aram_str indicates that it must be a string $st->bindparam (": Name", $name, PDO::P aram_str); $code = "No12"; $name = "Wolf clan";//execute $st->execute ();*/$attr=Array("Code" = "n025", "name" = "Zerg");//name placeholder, use associative arrays. //Execution$st->execute ($attr);?>

</ Body > </ HTML >

4. Reading data

<!DOCTYPE HTML Public "-//W3C//DTD XHTML 1.0 transitional//en" "http://www.w3.org/TR/xhtml1/DTD/ Xhtml1-transitional.dtd "><HTMLxmlns= "http://www.w3.org/1999/xhtml"><Head><Metahttp-equiv= "Content-type"content= "text/html; charset=utf-8" /><title>Untitled Document</title></Head><Body>

<?PHP//1. Building Objects$dsn= "Mysql:dbname=text1;host=localhost";$pdo=NewPDO ($dsn, "Root", "666");//Write SQL statements, preprocessing statements. Use the name placeholder. $sql= "SELECT * From Nation";//preceded by a colon, no colon will be treated as a normal variable//ready to execute$st=$pdo->prepare ($sql);//Execution$st-execute ();//Read Data//var_dump ($st->fetch ());//The output is the first one, can be read out with the while loop. Var_dump ($st->fetch (PDO::FETCH_ASSOC));//output is an associative array//var_dump ($st->fetch ());//output two-dimensional array//var_dump ($st, Fetch (PDO::FETCH_ASSOC));//output associative two-dimensional array?>

</ Body > </ HTML >

PDO access Mode operations database