1. 代码100分首页
  2. 代码基础

php操作mysql数据库(增删改查)_docker搭建php开发环境

小小码 代码基础 阅读 101

php操作mysql数据库(增删改查)_docker搭建php开发环境【Mysqli面向对象方式操作数据库】 添加、修改、删除数据 $mysqli = new mysqli('localhost','root','123456&#

PHP操作mysql(mysqli + PDO)

【Mysqli面向对象方式操作数据库】

添加、修改、删除数据

$mysqli = new mysqli("localhost","root","123456","test");
$mysqli->query("set names utf8");
//添加数据
$result = $mysqli->query("INSERT INTO users(name,money) VALUE ("张三",10)");
$result = $mysqli->query("INSERT INTO users(name,money) VALUE ("李四",200)");

//修改数据
$result = $mysqli->query("UPDATE users SET money=money+10 WHERE id = 3");

//删除数据
$result = $mysqli->query("DELETE FROM users WHERE id=3");

var_dump($result);

代码100分

查询数据

代码100分header("content-type:text/html;charset=utf-8");
$mysqli = new mysqli("localhost","root","123456","test");
$mysqli->query("set names utf8");

$result = $mysqli->query("SELECT * FROM users");
$data = $result->fetch_all(MYSQLI_ASSOC);
var_dump($data);

事务控制

header("content-type:text/html;charset=utf-8");
$mysqli = new mysqli("localhost","root","123456","test");
$mysqli->query("set names utf8");
$mysqli->autocommit(false); //开启事务
$sql1 = "UPDATE users SET money=money-10 where id=1";
$sql2 = "UPDATE users SET money=money+10 where id=20";
$mysqli->query($sql1);
$r1 = $mysqli->affected_rows;
$mysqli->query($sql2);
$r2 = $mysqli->affected_rows;
if($r1>0 && $r2>0){
    $mysqli->commit(); //事务提交
    echo "操作成功";
}else{
    $mysqli->rollback(); //事务回滚
    echo "操作失败";
}

预处理-增删改操作

代码100分header("content-type:text/html;charset=utf-8");
$mysqli = new mysqli("localhost","root","123456","test");
$mysqli->query("set names utf8");
$sql = "INSERT INTO users(name,money) VALUE(?,?)";
$stmt = $mysqli->prepare($sql);

$name = "王小小";
$money = 500;
$stmt->bind_param("si",$name,$money);
$result = $stmt->execute();
var_dump($result);

$name = "王大大";
$money = 600;
$stmt->bind_param("si",$name,$money);
$result = $stmt->execute();
var_dump($result);

预处理-查询操作

header("content-type:text/html;charset=utf-8");
$mysqli = new mysqli("localhost","root","","test");
$mysqli->query("set names utf8");
$sql = "SELECT * FROM users WHERE id>?";
$stmt = $mysqli->prepare($sql);
$id=1;
$stmt->bind_param("i",$id);
$stmt->bind_result($id,$name,$money);
$stmt->execute();

while($stmt->fetch()){
    $data[] = [
        "id"=>$id,
        "name"=>$name,
        "money"=>$money
    ];
}
var_dump($data);

【PDO方式操作数据库】

PDO查询数据

header("content-type:text/html;charset=utf-8");
$dsn = "mysql:host=localhost;dbname=test";
$pdo = new PDO($dsn,"root","123456");
$pdo->exec("set names utf8");
$sql = "SELECT * FROM users";
$stmt = $pdo->query($sql);
//$data = $stmt->fetch(PDO::FETCH_ASSOC);
$data = $stmt->fetchAll(PDO::FETCH_ASSOC);
var_dump($data);

PDO增删改数据

header("content-type:text/html;charset=utf-8");
$dsn = "mysql:host=localhost;dbname=test";
$pdo = new PDO($dsn,"root","123456");
$pdo->exec("set names utf8");
$sql = "UPDATE users SET money=500 WHERE id=1";
$result = $pdo->exec($sql);
var_dump($result);

PDO事务控制

header("content-type:text/html;charset=utf-8");
$dsn = "mysql:host=localhost;dbname=test";
$pdo = new PDO($dsn,"root","123456");
$pdo->exec("set names utf8");
$pdo->beginTransaction(); //开启事务
$sql1 = "UPDATE users SET money=money-100 WHERE id=1";
$r1 = $pdo->exec($sql1);

$sql2 = "UPDATE1 users SET money=money+100 WHERE id=2";
$r2 = $pdo->exec($sql2);

if($r1>0 && $r2>0){
    $pdo->commit(); //事务提交
    echo "操作成功";
}else{
    $pdo->rollBack(); //事务回滚
    echo "操作失败";
}
$pdo->setAttribute(PDO::ATTR_AUTOCOMMIT,1);
//var_dump($result);

PDO预处理

header("content-type:text/html;charset=utf-8");
$dsn = "mysql:host=localhost;dbname=test";
$pdo = new PDO($dsn,"root","123456");
$pdo->exec("set names utf8");

//$sql = "SELECT * FROM users WHERE id>:id";
$sql = "UPDATE users SET money=1000 WHERE id=:id";
$stmt = $pdo->prepare($sql);

$id = 4;
$stmt->bindParam(":id",$id);

//$stmt->bindValue(1,2);

$result = $stmt->execute();
var_dump($result);

//$data  = $stmt->fetchAll(PDO::FETCH_ASSOC);
//var_dump($data);

常见的SQL注入方式及防范措施

header("content-type:text/html;charset=utf-8");
$dsn = "mysql:host=localhost;dbname=test";
$pdo = new PDO($dsn,"root","123456");
$pdo->exec("set names utf8");
$id = isset($_GET["id"])?$_GET["id"]:1;
$sql = "SELECT * FROM users WHERE id=".$id;
$stmt = $pdo->query($sql);
$data = $stmt->fetchAll(PDO::FETCH_ASSOC);
var_dump($data);

//SELECT * FROM users WHERE id=1
//SELECT * FROM users WHERE id=1 or 1=1    SELECT * FROM users
//SELECT * FROM users WHERE id=1;drop table test;--

header("content-type:text/html;charset=utf-8");
$dsn = "mysql:host=localhost;dbname=test";
$pdo = new PDO($dsn,"root","123456");
$pdo->exec("set names utf8");

$sql = "SELECT * FROM users WHERE id=:id";
$stmt = $pdo->prepare($sql);
$id = isset($_GET["id"])?$_GET["id"]:1;
$stmt->bindParam(":id",$id);

$result = $stmt->execute();
$data = $stmt->fetchAll(PDO::FETCH_ASSOC);
var_dump($data);

版权声明:本文内容由互联网用户自发贡献,该文观点仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 举报,一经查实,本站将立刻删除。
转载请注明出处: https://daima100.com/10230.html

(0)
小小码小小码
0 0
上一篇 2023-01-23
下一篇 2023-01-23

相关推荐

发表回复

您的电子邮箱地址不会被公开。 必填项已用*标注