PHP - 将PDO转换为普通代码

时间:2012-02-12 00:48:18

标签: php mysql

我想知道是否有人可以帮助我。

我试图将一些代码集成到我的应用程序中,我需要集成的代码是用PDO语句编写的,我不知道它是怎么回事。

我想知道是否有人可以帮我转换它。

代码如下

$sql = "insert into message2 (mid, seq, created_on_ip, created_by, body) values (?, ?, ?, ?, ?)";
$args = array($mid, $seq, '1.2.2.1', $currentUser, $body);
$stmt = $PDO->prepare($sql);
$stmt->execute($args);
if (empty($mid)) {
    $mid = $PDO->lastInsertId();
}
$insertSql = "insert into message2_recips values ";
$holders = array();
$params = array();
foreach ($rows as $row) {
    $holders[] = "(?, ?, ?, ?)";
    $params[] = $mid;
    $params[] = $seq;
    $params[] = $row['uid'];
    $params[] = $row['uid'] == $currentUser ? 'A' : 'N';
}
$insertSql .= implode(',', $holders);
$stmt = $PDO->prepare($insertSql);
$stmt->execute($params);

1 个答案:

答案 0 :(得分:0)

由于某些技术原因,你不能使用PDO unles。如果你不知道,那就去学习吧。也许这会让你开始:

/* 
This the actual SQL query the "?" will be replaced with the values, and escaped accordingly 
- ie. you dont need to use the equiv of mysql_real_escape_string - its going to do it 
autmatically 
*/
$sql = "insert into message2 (mid, seq, created_on_ip, created_by, body) values (?, ?, ?, ?, ?)";

    // these are the values that will replace the ?
    $args = array($mid, $seq, '1.2.2.1', $currentUser, $body);

    // create a prepared statement object
    $stmt = $PDO->prepare($sql);

    // execute the statement with $args passed in to be used in place of the ?
    // so the final query looks something like:
    // insert into message2 (mid, seq, created_on_ip, created_by, body) values ($mid, $seq, 1.2.2.1, $currentUser, $body)
    $stmt->execute($args);


    if (empty($mid)) {
        // $mid id is the value of the primary key for the last insert
        $mid = $PDO->lastInsertId();
    }

    // create the first part of another query
    $insertSql = "insert into message2_recips values ";

    // an array for placeholders - ie. ? in the unprepared sql string
    $holders = array();

    // array for the params we will pass in as values to be substituted for the ?
    $params = array();

    // im not sure what the $rows are, but it looks like what we will do is loop
    // over a recordset of related rows and do additional inserts based upon them
    foreach ($rows as $row) {
        // add a place holder string for this row
        $holders[] = "(?, ?, ?, ?)";

        // assign params
        $params[] = $mid;
        $params[] = $seq;
        $params[] = $row['uid'];
        $params[] = $row['uid'] == $currentUser ? 'A' : 'N';
    }
    // modify the query string to have additional place holders
    // so if we have 3 rows the query will look like this:
    // insert into message2_recips values (?, ?, ?, ?),(?, ?, ?, ?),(?, ?, ?, ?)
    $insertSql .= implode(',', $holders);

    // create a prepared statment
    $stmt = $PDO->prepare($insertSql);

    // execute the statement with the params
    $stmt->execute($params);

PDO确实更好。它具有与MySQLi相同的功能,但具有跨DB驱动程序的一致接口(即,只要您的SQL符合不同的数据库,理论上您可以使用与mysql,sqlite,postresql等完全相同的PHP代码)更好的参数绑定准备好的语句。既然你不应该以任何方式使用mysql扩展,并且MySQLi比PDO使用起来更麻烦,除非你特别需要支持旧版本的PHP,否则它真的不费脑筋。

相关问题
最新问题