PHP,PDO Pre-compilation technology

(1)

　　　　　　

For example, the following statement:

1INSERT into BIAO1 values (' Li Ning ', ' -');2INSERT into BIAO1 values (' Anta ', ' -');3INSERT into BIAO1 values (' Pico ', ' -');4INSERT into BIAO1 values (' Jordan ', ' -');5INSERT into BIAO1 values (' Nike ', ' -');6INSERT into BIAO1 values (' Artie ', ' -');7INSERT into BIAO1 values ('361’，‘ -’）；

Then, this PDO can just compile the same place for these statements once, and then execute the different statements according to the difference.

1 or, for example , 2 INSERT INTO team values (NULL, ' Guoan '); 3 INSERT INTO team values (NULL, ' Evergrande '); 4 INSERT INTO team values (NULL, ' Jianguo '); 5 INSERT INTO team values (NULL, ' green space ');

The implementation of the syntax:

　　　　

1 (1) Compile the unified structure,2 (2) bind the data to the intermediate compilation result,3 ( 3) Execute the statement that binds the data

1 (1) Compile a unified structure,2             $PDOStatement = $pdo-Prepare (SQL structure); 3             In the data section of the SQL structure, you can use Hello or the syntax of the colon tag to occupy:

1 (2) bind data to intermediate compilation results,2              $PDOStatement->bindvalue ()

1 (3) executes the data-bound statement     2               $PDOStatement->execute ();

Pre-compilation Benefits:

Better to prevent SQL injection because the user's data does not need to be involved when precompiling. At compile time, the structure is fixed, resulting in user data not affecting the structure of SQL

Common methods of execution:

$pdo->query ();

$pdo->exec ()

If you need to prevent SQL injection , you need to manually escape user data by using the $pdo->quote () method. Escape and enclose with quotation marks.

　　　　

PHP,PDO Pre-compilation technology