PHP MYSQLi Prepared Statement是高效重复执行同一语句的最佳方式之一。但是它需要额外的步骤和函数来执行查询,这有时会让大多数 php 初学者感到困惑。
PHP 提供 MYSQLi 过程、MYSQLi OOP和 PHP PDO 来执行数据库操作,如选择、插入、更新和删除。Prepared Statement 适用于所有三个。但在本教程中,我将介绍 MYSQLi Procedural。
那么什么是准备好的声明以及它是如何工作的呢?
根据维基百科:
在数据库管理系统(DBMS)中,预准备语句或参数化语句是一种用于高效地重复执行相同或相似的数据库语句的特性。通常与查询或更新等 SQL 语句一起使用,准备好的语句采用模板的形式,在每次执行期间将某些常量值替换到该模板中。”
现在您可以猜到准备好的语句分 3 步执行:
- 准备:使用占位符('?')创建语句模板并将其发送到 DBMS。喜欢
"Select * from users where email = ?"
- 编译:然后 DBMS 解析(编译)语句模板并存储结果而不执行它。
- 执行:在这一步中,数据被绑定或传递到占位符('?')并且数据库执行语句。用户可以执行许多具有不同值的语句
另请阅读:
- 如何使用 PHP 从 Mysql 中获取数据
- PHP 从文件夹和数据库中删除文件
- 如何使用 PHP、Mysql 和 jQuery 创建简单的登录表单
- 如何使用 Ajax、jQuery、Php 和 Mysql 创建简单的联系表单
- 如何使用 PHP 上传 CSV 并保存在 Mysql 数据库中
MYSQLi 准备好的语句:
如果您使用简单的 mysql 函数来查询数据库,那么您知道执行查询时使用了mysqli_query()
函数。然后你使用mysqli_fetch_*
函数来获得你想要的结果。这意味着您只需两步即可获得所需的结果。但是在准备好的语句中,您必须执行至少 4 个选择步骤和 3 个插入、更新、删除步骤才能获得所需的结果。这意味着,现在您将使用额外的 mysqli 函数来执行CRUD 操作。
功能 | 描述 | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
mysqli_prepare($connection, $query) | 准备 SQL 查询,并返回一个语句句柄以用于对该语句的进一步操作。 它需要2个参数。$connection 是一个连接字符串,$query 是一个 sql 查询。 | ||||||||||
mysqli_stmt_bind_param($stmt,$types.$variable1) | 将变量作为参数绑定到准备好的语句。$stmt 是一个语句标识符。$types 是一个字符串,其中包含对应绑定变量的字符串类型。字符串类型列表如下。$variable1 是一个字符串的数量和长度$types 。
| ||||||||||
mysqli_stmt_execute($stmt) | 执行一个准备好的查询 | ||||||||||
mysqli_stmt_bind_result($stmt,$variable1) | 将变量绑定到准备好的语句以存储结果。$stmt 是一个语句标识符。$variable1 是要找到的变量。 | ||||||||||
mysqli_stmt_get_result($stmt) | 从准备好的语句中获取结果集。$stmt 是一个语句标识符 | ||||||||||
mysqli_stmt_fetch($stmt) | 从准备好的语句中获取结果到绑定变量中。$stmt 是一个语句标识符 |
现在我认为您对用于查询数据库的准备好的语句和函数有足够的了解。所以现在让我们实际操作一下。
创建数据库:
1
2
3
|
create database demo;
|
创建数据库表:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
CREATE TABLE `customers` (
`id` INT(11) NOT NULL AUTO_INCREMENT,
`first_name` VARCHAR(255) NULL DEFAULT NULL,
`last_name` VARCHAR(255) NULL DEFAULT NULL,
`address` VARCHAR(255) NULL DEFAULT NULL,
`email` VARCHAR(255) NULL DEFAULT NULL,
`phone` VARCHAR(255) NULL DEFAULT NULL,
`country` VARCHAR(255) NULL DEFAULT NULL,
`city` VARCHAR(255) NULL DEFAULT NULL,
PRIMARY KEY (`id`)
)
COLLATE='latin1_swedish_ci'
ENGINE=InnoDB
AUTO_INCREMENT=95
;
|
在 MYSQL 表中插入一些记录:
1
2
3
4
5
6
7
8
9
10
11
12
|
INSERT INTO `customers` (`id`, `first_name`, `last_name`, `address`, `email`, `phone`, `country`, `city`) VALUES (97, 'John', 'Gillbey', '338 Sunfield Center', 'ygillbey2@npr.org', '869-198-7138', 'Poland', 'Kamionka Wielka');
INSERT INTO `customers` (`id`, `first_name`, `last_name`, `address`, `email`, `phone`, `country`, `city`) VALUES (96, 'Will', 'Smith', 'Abc house New York', 'afuge1@rediff.com', '494-246-3738', 'Russia', 'Dzhubga');
INSERT INTO `customers` (`id`, `first_name`, `last_name`, `address`, `email`, `phone`, `country`, `city`) VALUES (95, 'Cassandry', 'Croxon', '90 Shelley Terrace', 'ccroxon0@ustream.tv', '797-800-2312', 'China', 'Dongling');
INSERT INTO `customers` (`id`, `first_name`, `last_name`, `address`, `email`, `phone`, `country`, `city`) VALUES (94, 'Ahsan', 'Zameer', 'Abc house', 'ahsan@example.com', '123456789', 'Pakistan', 'Karachi');
INSERT INTO `customers` (`id`, `first_name`, `last_name`, `address`, `email`, `phone`, `country`, `city`) VALUES (93, 'Conner', 'Krajcik', '91179 Jast Lane\nDesmondfort, KS 22709-7059', 'dbartoletti@example.net', '876.918.8132 x7459', 'Kenya', 'Guidoborough');
INSERT INTO `customers` (`id`, `first_name`, `last_name`, `address`, `email`, `phone`, `country`, `city`) VALUES (92, 'Edwardo', 'Kling', '688 Araceli Roads\nNorth Charleyville, OR 91371-7211', 'tfarrell@example.org', '(445) 230-9112', 'Solomon Islands', 'Port Garnetville');
INSERT INTO `customers` (`id`, `first_name`, `last_name`, `address`, `email`, `phone`, `country`, `city`) VALUES (91, 'Rosalinda', 'Lubowitz', '2124 Kemmer Drives\nWest Vernaland, MI 64378', 'fhettinger@example.org', '240.601.4749', 'Antigua and Barbuda', 'Lake Stewarttown');
INSERT INTO `customers` (`id`, `first_name`, `last_name`, `address`, `email`, `phone`, `country`, `city`) VALUES (90, 'Albertha', 'Ritchie', '7611 Gleason Gateway\nEast Willie, MT 59038', 'mcglynn.flavie@example.org', '287-241-7595', 'Ethiopia', 'East Sophia');
INSERT INTO `customers` (`id`, `first_name`, `last_name`, `address`, `email`, `phone`, `country`, `city`) VALUES (89, 'Malcolm', 'Feest', '930 Hayes Lane Apt. 932\nBashirianstad, CT 81574', 'braun.nakia@example.org', '704-484-1277', 'Saint Lucia', 'Priceville');
INSERT INTO `customers` (`id`, `first_name`, `last_name`, `address`, `email`, `phone`, `country`, `city`) VALUES (88, 'Tremaine', 'Ortiz', '60507 Loyce Lodge\nPort Earline, DC 81599', 'qcollier@example.org', '1-597-867-0182 x8315', 'Brazil', 'New Melany');
|
创建数据库连接:
1
2
3
4
5
6
7
8
9
10
|
<?php
$conn = mysqli_connect($host,$dbUser,$password,$database);
if(!$conn)
{
die('unable to connect to database'.mysqli_error());
}
?>
|
获取所有记录:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
<?php
$qry = 'select * from customers';
$allUserStatement = mysqli_prepare($conn,$qry);
mysqli_stmt_execute($allUserStatement);
$getResult = mysqli_stmt_get_result($allUserStatement);
while($rows = mysqli_fetch_assoc($getResult))
{
print_r($rows);
}
?>
|
获取没有 bind_result 的单条记录:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
|
<?php
$userName = "Conner";
$qry = 'select id, first_name,last_name from customers where first_name = ?';
$userStatement = mysqli_prepare($conn, $qry);
mysqli_stmt_bind_param($userStatement, 's',$userName);
mysqli_stmt_execute($userStatement);
$result = mysqli_stmt_get_result($userStatement);
$getData = mysqli_fetch_assoc($result);
echo "id: ".$getData['id'];
echo "<br>";
echo "First name: ".$getData['first_name'];
echo "<br>";
echo "Last name: ".$getData['last_name'];
echo "<br>";
?>
|
使用 bind_result 获取单个记录:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
|
<?php
$userName = "Conner";
$qry = 'select id, first_name,last_name from customers where first_name = ?';
$userStatement = mysqli_prepare($conn, $qry);
mysqli_stmt_bind_param($userStatement, 's',$userName);
mysqli_stmt_execute($userStatement);
mysqli_stmt_bind_result($userStatement, $id, $first_name, $last_name);
mysqli_stmt_fetch($userStatement);
echo "id: ".$id;
echo "<br>";
echo "First name: ".$first_name;
echo "<br>";
echo "Last name: ".$last_name;
echo "<br>";
?>
|
获取具有多个 bind_param 列的单个记录:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
|
<?php
$id = 93;
$firstName = "Conner";
$lastName = "Krajcik";
$qry = 'select * from customers where id = ? and first_name = ? and last_name = ? ';
$userStatement = mysqli_prepare($conn, $qry);
mysqli_stmt_bind_param($userStatement, 'iss',$id,$firstName,$lastName);
mysqli_stmt_execute($userStatement);
$result = mysqli_stmt_get_result($userStatement);
$getData = mysqli_fetch_assoc($result);
print_r($getData);
?>
|
使用 LIKE 子句获取多条记录:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
|
<?php
$firstName = 'c%';
$qry = "select * from customers where first_name like ?";
$userStatement = mysqli_prepare($conn,$qry);
mysqli_stmt_bind_param($userStatement,'s',$firstName);
mysqli_stmt_execute($userStatement);
$result = mysqli_stmt_get_result($userStatement);
while($rows = mysqli_fetch_assoc($result))
{
print_r($rows);
}
?>
|
插入单条记录:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
<?php
$firstName = 'Ahsan';
$lastName = 'Zameer';
$address = 'Abc house';
$email = 'ahsan@example.com';
$phone = '123456789';
$country = 'Pakistan';
$city = 'Karachi';
$insertQry = 'insert into customers (first_name, last_name, address, email, phone, country, city) values(?,?,?,?,?,?,?)';
$insertStatement = mysqli_prepare($conn,$insertQry);
mysqli_stmt_bind_param($insertStatement,'sssssss',$firstName, $lastName, $address, $email, $phone, $country, $city);
mysqli_stmt_execute($insertStatement);
mysqli_close($conn);
?>
|
插入多条记录:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
|
<?php
$insertQry = 'insert into customers (first_name, last_name, address, email, phone, country, city) values(?,?,?,?,?,?,?)';
$insertStatement = mysqli_prepare($conn,$insertQry);
mysqli_stmt_bind_param($insertStatement,'sssssss',$firstName, $lastName, $address, $email, $phone, $country, $city);
$firstName = 'Cassandry';
$lastName = 'Croxon';
$address = '90 Shelley Terrace';
$email = 'ccroxon0@ustream.tv';
$phone = '797-800-2312';
$country = 'China';
$city = 'Dongling';
mysqli_stmt_execute($insertStatement);
$firstName = 'Ariela';
$lastName = 'Fuge';
$address = '2725 Manufacturers Hill';
$email = 'afuge1@rediff.com';
$phone = '494-246-3738';
$country = 'Russia';
$city = 'Dzhubga';
mysqli_stmt_execute($insertStatement);
$firstName = 'Yolande';
$lastName = 'Gillbey';
$address = '338 Sunfield Center';
$email = 'ygillbey2@npr.org';
$phone = '869-198-7138';
$country = 'Poland';
$city = 'Kamionka Wielka';
mysqli_stmt_execute($insertStatement);
mysqli_close($conn);
?>
|
插入表单数据:
1
2
3
4
5
6
7
8
9
10
11
12
13
|
<?php
$insertQry = 'insert into customers (first_name, last_name, address, email, phone, country, city) values(?,?,?,?,?,?,?)';
$insertStatement = mysqli_prepare($conn,$insertQry);
mysqli_stmt_bind_param($insertStatement,'sssssss',$_POST['first_name'], $_POST['last_name'],$_POST['address'], $_POST['email'], $_POST['phone'], $_POST['country'], $_POST['city']);
mysqli_stmt_execute($insertStatement);
mysqli_close($conn);
?>
|
更新单列:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
<?php
$firstName = "John";
$userID = 97;
$updateQry = "update customers set first_name = ? where id = ?";
$updateStatement = mysqli_prepare($conn,$updateQry);
mysqli_stmt_bind_param($updateStatement, 'si',$firstName,$userID);
mysqli_stmt_execute($updateStatement);
echo mysqli_affected_rows($conn);
mysqli_close($conn);
?>
|
更新多列:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
|
<?php
$firstName = "Will";
$lastName = "Smith";
$address = 'Abc house New York';
$userID = 96;
$updateQry = "update customers set first_name = ? , last_name = ? , address = ? where id = ?";
$updateStatement = mysqli_prepare($conn,$updateQry);
mysqli_stmt_bind_param($updateStatement, 'sssi',$firstName,$lastName,$address,$userID);
mysqli_stmt_execute($updateStatement);
echo mysqli_affected_rows($conn);
mysqli_close($conn);
?>
|
删除记录:
1
2
3
4
5
6
7
8
9
10
11
12
13
|
<?php
$id = 98;
$deleteQry = "delete from customers where id = ?";
$deleteStatement = mysqli_prepare($conn,$deleteQry);
mysqli_stmt_bind_param($deleteStatement, 'i',$id);
mysqli_stmt_execute($deleteStatement);
echo mysqli_affected_rows($conn);
?>
|