// pdo - $pdo = new pdo("mysql:host=localhost;dbname=database", 'username', 'password');
// mysqli, 面向過程方式 - $mysqli = mysqli_connect('localhost','username','password','database');
// mysqli, 物件導向 - $mysqli = new mysqli('localhost','username','password','database');
複製代碼3、資料庫支援pdo支援多種資料庫,但mysqli只支援mysql 4、具名引數name parameterpdo方式:
- $params = array(':username' => 'test', ':email' => $mail, ':last_login' => time() - 3600);
- $pdo->prepare('
- select * from users
- where username = :username
- and email = :email
- and last_login > :last_login');
複製代碼而mysqli則麻煩點,不支援這樣,只能:
- $query = $mysqli->prepare('
- select * from users
- where username = ?
- and email = ?
- and last_login > ?');
- $query->bind_param('sss', 'test', $mail, time() - 3600);
- $query->execute();
-
複製代碼這樣的話,一個個對問號的順序,也比較麻煩,不大方便。 5、orm映射的支援比如有個類user,例如:
- class User
- {
- public $id;
- public $first_name;
- public $last_name;
- public function info()
- {
- return '#' . $this->id . ': ' . $this->first_name . ' ' . $this->last_name;
- }
- }
- $query = "SELECT id, first_name, last_name FROM users";
- // PDO
- $result = $pdo->query($query);
- $result->setFetchMode(PDO::FETCH_CLASS, 'User');
- while ($user = $result->fetch())
- {
- echo $user->info() . "\n";
- }
複製代碼mysqli用面向過程的方式:
- if ($result = mysqli_query($mysqli, $query)) {
- while ($user = mysqli_fetch_object($result, 'User')) {
- echo $user->info()."\n";
- }
- }
複製代碼6、防止sql注入(php防止sql注入的方法解析):pdo 手工設定
- $username = pdo::quote($_get['username']);
- $pdo->query("select * from users where username = $username");
複製代碼使用mysqli:
- $username = mysqli_real_escape_string($_get['username']);
- $mysqli->query("select * from users where username = '$username'");
複製代碼7、preparestamentpdo方式:
- $pdo->prepare('select * from users where username = :username');
- $pdo->execute(array(':username' => $_get['username']));
複製代碼mysqli方式:
- $query = $mysqli->prepare('select * from users where username = ?');
- $query->bind_param('s', $_get['username']);
- $query->execute();
複製代碼 |
