未加星标

PDO for beginner (part 2)

字体大小 | |
[开发(php) 所属分类 开发(php) | 发布者 店小二04 | 时间 2016 | 作者 红领巾 ] 0人收藏点击收藏

InPart 1 of the PDO tutorial, we saved data in our database directly using PDO. This is not ideal for security, however, as it can get affected by SQL injections. To save our data from SQL injections we use prepared statements in mysqli and PDO. In this part, we are going to learn how to make PDO prepared statements.

For this tutorial, we are going to use the same database and PDO connection class that we created in part 1. Let’s get started.

Table Of Content Using PDO Prepared Statements 1. Using PDO Prepared Statements

There are two ways you can use PDO prepared statements to execute your queries. Let’s learn both these methods.

Using Named Parameters:

In named parameters, we gave a name to the prepared value from which the value will be replaced. Let’s take a look at the example below:

Replace the code in index.php with this one:

Let’s decipher this code now:

First, we have created a prepared statement in which we have replaced our insert values with a prepared name i.e :name and :email . After that we prepared it with our PDO connection.

Then we have binded our value using key => value array and executed it.

Using Question Mark Parameters:

In this method, we use question mark instead of a prepared name and bind our value in an array at the time of execution. For example:

Replace the code of index.php with the code given below.

The code is similar to the one in the previous example, but with some differences. In this code we have used PDO::bindParam to bind the data with our query using foreach . Let’s understand the array which we have binded the values with.

Integer 1 as a key represents the first ? and then we have added the value for that question mark and so on. Once we have created the array, we binded it to our query using foreach.

We have used foreach to bind our value to bindParam because we can’t pass direct array to it. Once the values are binded, we execute the code.

2. The End

This is the second and final part of the PDO series. I hope you have understood all the PDO from my article. If you haven’t, feel free to contact me or comment in the section below. For more references on PDO, see the official document on thephp site.

Hopefully this simple tutorial helped you with your development.

If you like our post, please follow us on Twitter and help spread the word. We need your support to continue.

If you have questions or find our mistakes in above tutorial, do leave a comment below to let us know.

Author Bio

Ahmed Khan is the PHP Community Manager at Cloudways, a hosting company that specializes in optimized PHP hosting services . He writes about PHP, MySQL and covers different tips and tricks related to PHP. He is currently active on Cloudways and other different blogs. When he is not writing about PHP, he likes watching The Flash, Game Of Thrones and is a die-hard fan of DC Comics. You can follow him on Twitter or connect with him on Facebook .

本文开发(php)相关术语:php代码审计工具 php开发工程师 移动开发者大会 移动互联网开发 web开发工程师 软件开发流程 软件开发工程师

主题: PHPSQLMySQLFacebookTwitter
分页:12
转载请注明
本文标题:PDO for beginner (part 2)
本站链接:http://www.codesec.net/view/483271.html
分享请点击:


1.凡CodeSecTeam转载的文章,均出自其它媒体或其他官网介绍,目的在于传递更多的信息,并不代表本站赞同其观点和其真实性负责;
2.转载的文章仅代表原创作者观点,与本站无关。其原创性以及文中陈述文字和内容未经本站证实,本站对该文以及其中全部或者部分内容、文字的真实性、完整性、及时性,不作出任何保证或承若;
3.如本站转载稿涉及版权等问题,请作者及时联系本站,我们会及时处理。
登录后可拥有收藏文章、关注作者等权限...
技术大类 技术大类 | 开发(php) | 评论(0) | 阅读(39)