Shulou(Shulou.com)06/01 Report--

This article introduces how to use prepare in php. The content is very detailed. Interested friends can use it for reference. I hope it will be helpful to you.

In php, "PDO::prepare" indicates the statement to be executed and returns the statement object, which uses syntax such as "public PDO::prepare (string $statement, array $driver_options = array ())".

This article operating environment: Windows7 system, PHP7.1 version, DELL G3 computer

What is the use of php prepare?

PDO::prepare

(PHP 5 > = 5.1.0, PHP 7, PHP 8, PHP 8 Perl pdo > = 0.1.0)

PDO::prepare-prepares the statement to be executed and returns the statement object

Description

Public PDO::prepare (string $statement, array $driver_options = array ()): PDOStatement

Prepare the SQL statement to be executed for the PDOStatement::execute () method. A statement template can contain zero or more parameter placeholders in the form of a named (: name) or question mark (?) and will be replaced with real data when it is executed. In the same statement template, the naming form and the question mark form cannot be used at the same time; only one parameter form can be selected. Please bind the data entered by the user in the form of parameters, and do not directly concatenate the string into the query.

When PDOStatement::execute () is called, the parameter of each value occupies a placeholder, and the name must be unique. Unless emulation mode is enabled, parameters with duplicate names cannot be used in the same statement.

Note:

Parameter placeholders can only literally display complete data. It cannot be a literal part, a keyword, an identifier, or any other range. Example: you cannot bind multiple values to a single parameter and then query with IN () in the SQL statement.

Invoking the same SQL statement multiple times through PDO::prepare () and PDOStatement::execute () with different parameters will improve the performance of the application-the driver allows the client / server to cache queries and meta information. At the same time, calls to PDO::prepare () and PDOStatement::execute () can also prevent SQL injection attacks, eliminating the need to manually quote and escape parameters.

If the built-in driver does not support parameters, PDO will simulate the function of the parameters; if the driver supports only one of the styles (named parameters and question mark parameters), it will automatically rewrite to the other style.

Note: The parser used for emulated prepared statements and for rewriting named or question mark style parameters supports the non standard backslash escapes for single- and double quotes. That means that terminating quotes immediately preceeded by a backslash are not recognized as such, which may result in wrong detection of parameters causing the prepared statement to fail when it is executed. A work-around is to not use emulated prepares for such SQL queries, and to avoid rewriting of parameters by using a parameter style which is natively supported by the driver.

Parameters.

Statement

Must be a SQL statement template that is valid for the target database server.

Driver_options

The array contains one or more key= > value key-value pairs that set properties for the returned PDOStatement object. The common usage is to set PDO::ATTR_CURSOR to PDO::CURSOR_SCROLL and you will get a scrollable cursor. Some drivers have driver-level options, which are set at prepare.

Return value

If the database server finishes preparing the statement, PDO::prepare () returns the PDOStatement object. If the database server cannot prepare the statement, PDO::prepare () returns false or throws PDOException (depending on the error handler).

Note:

Prepare statements in impersonation mode do not interact with the database server, so PDO::prepare () does not check the statements.

Example

Example # 1 SQL statement template in the form of named parameters

Example # 2 SQL statement template in question mark form

What are the PHP development environment building tools? phpStudy is the most commonly used development environment for beginners. Second, WampServer,WampServer is also as simple as phpStudy and more friendly to rookies. Third, XAMPP,XAMPP (Apache+MySQL+PHP+PERL) is a powerful integrated software package for building stations; fourth, MAMP,MAMP is divided into two types: MAMP and MAMP Pro for Mac. Pagoda panel, pagoda panel is a server management software that supports windows and linux systems. 6. UPUPW,UPUPW is the most characteristic Web server PHP suite under the Windows platform.

About how to use prepare in php to share here, I hope the above content can be of some help to you, can learn more knowledge. If you think the article is good, you can share it for more people to see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.