使用预处理,动态处理需要操作的字段和值。先使用PDO来动态绑定参数。注意:参数绑定只对值起作用,表名、字段名以及 ORDER BY、LIMIT 片段仍然是拼接进 SQL 字符串的,使用前必须做白名单或格式校验。PDOModel:
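/**
 * Minimal PDO-backed query builder bound to a single table.
 *
 * Values always travel as bound parameters. Table names, column names and
 * the ORDER BY / LIMIT fragments cannot be bound, so each of them is checked
 * against a strict pattern before it is placed in the SQL text. Identifiers
 * are quoted with backticks, so the generated SQL targets MySQL.
 *
 * Calling save() or delete() without a preceding where() affects every row
 * of the table.
 *
 * @author Administrator
 */
class PDOModel
{
    private $dbtype; // database driver name used in the DSN
    private $dbhost; // database host
    private $dbuser; // database user name
    private $dbname; // database (schema) name
    private $dbpwd; // password
    private $dsn;
    private $pre = 'pre_'; // table-name prefix
    private $long = false; // whether to request a persistent connection
    private $field; // table name without the prefix
    // Connection owned by this instance. Kept per instance so that destroying
    // one model cannot drop the handle another model is still using.
    private $db;
    // Placeholder name => value pairs belonging to the current WHERE clause.
    private $where = array();
    // SQL fragments assembled by the fluent methods.
    private $sql = array(
        'where' => '',
        'field' => '*',
        'limit' => '',
        'order' => '',
    );

    /**
     * Store the connection settings, pick the table and connect.
     *
     * @param array  $config keys dbtype, dbhost, dbuser, dbname, dbpwd; optional pre, long
     * @param string $field  table name without the prefix
     * @throws InvalidArgumentException when prefix + table is not a plain identifier
     * @throws RuntimeException         when the connection cannot be opened
     */
    public function __construct($config, $field)
    {
        $this->dbtype = $config['dbtype'];
        $this->dbhost = $config['dbhost'];
        $this->dbuser = $config['dbuser'];
        $this->dbname = $config['dbname'];
        $this->dsn = $this->dbtype . ":host=" . $this->dbhost . ";dbname=" . $this->dbname;
        $this->dbpwd = $config['dbpwd'];
        if (isset($config['pre'])) {
            $this->pre = $config['pre'];
        }
        if (isset($config['long'])) {
            $this->long = $config['long'];
        }
        // Table to operate on.
        $this->field = $field;
        // Reject a bad table name before any connection is attempted.
        $this->tableName();
        $this->contectSQL();
    }

    /**
     * Open the PDO connection.
     *
     * @throws RuntimeException with a generic message; the driver's own text goes to the error log
     */
    private function contectSQL()
    {
        // Exceptions instead of silent false returns, on every PHP version.
        $options = array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION);
        if ($this->long) {
            $options[PDO::ATTR_PERSISTENT] = true;
        }
        try {
            $this->db = new PDO($this->dsn, $this->dbuser, $this->dbpwd, $options);
        } catch (PDOException $ex) {
            // The driver message can name the host and account; keep it out
            // of the response and out of the exception handed to callers.
            error_log('PDOModel: connection failed: ' . $ex->getMessage());
            throw new RuntimeException('Database connection failed');
        }
    }

    /**
     * Validate a table or column name and wrap it in backticks.
     *
     * @param mixed $name
     * @return string
     * @throws InvalidArgumentException for anything other than letters, digits and underscores
     */
    private function quoteIdentifier($name)
    {
        $name = trim((string) $name);
        if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*\z/', $name)) {
            throw new InvalidArgumentException('Invalid SQL identifier');
        }
        return '`' . $name . '`';
    }

    /**
     * Quoted, prefixed table name.
     *
     * @return string
     */
    private function tableName()
    {
        return $this->quoteIdentifier($this->pre . $this->field);
    }

    /**
     * Set the WHERE clause from column => value pairs, joined with AND.
     *
     * Placeholders are numbered (:w0, :w1, ...) so that they never depend on
     * the column name and never clash with the values of save() or add().
     *
     * @param array $arr
     * @return $this
     * @throws InvalidArgumentException when $arr is not an array or a key is not a plain identifier
     */
    public function where($arr)
    {
        if (!is_array($arr)) {
            throw new InvalidArgumentException('where() expects an array');
        }
        $conditions = array();
        $params = array();
        $i = 0;
        foreach ($arr as $key => $val) {
            $conditions[] = $this->quoteIdentifier($key) . ' = :w' . $i;
            $params['w' . $i] = $val;
            $i++;
        }
        $this->sql['where'] = $conditions ? ' WHERE ' . implode(' AND ', $conditions) : '';
        $this->where = $params;
        return $this;
    }

    /**
     * Set the ORDER BY clause.
     *
     * @param string $str comma-separated column names, each optionally followed by ASC or DESC
     * @return $this
     * @throws InvalidArgumentException when an item is not "column [ASC|DESC]"
     */
    public function order($str)
    {
        $items = array();
        foreach (explode(',', (string) $str) as $item) {
            if (!preg_match('/^\s*`?([A-Za-z_][A-Za-z0-9_]*)`?(?:\s+(ASC|DESC))?\s*\z/i', $item, $m)) {
                throw new InvalidArgumentException('Invalid ORDER BY expression');
            }
            $items[] = '`' . $m[1] . '`' . (isset($m[2]) ? ' ' . strtoupper($m[2]) : '');
        }
        $this->sql['order'] = ' ORDER BY ' . implode(', ', $items);
        return $this;
    }

    /**
     * Set the LIMIT clause.
     *
     * @param int|string $str "count" or "offset,count", digits only
     * @return $this
     * @throws InvalidArgumentException for any other format
     */
    public function limit($str)
    {
        if (!preg_match('/^\s*(\d+)\s*(?:,\s*(\d+)\s*)?\z/', (string) $str, $m)) {
            throw new InvalidArgumentException('Invalid LIMIT expression');
        }
        $this->sql['limit'] = ' LIMIT ' . $m[1] . (isset($m[2]) ? ', ' . $m[2] : '');
        return $this;
    }

    /**
     * Choose the columns to select.
     *
     * @param string $str '*' or a comma-separated list of column names
     * @return $this
     * @throws InvalidArgumentException when a column is not a plain identifier
     */
    public function field($str = '*')
    {
        $str = trim((string) $str);
        if ($str === '*') {
            // The wildcard must stay unquoted: `*` would name a column called "*".
            $this->sql['field'] = '*';
            return $this;
        }
        $columns = array();
        foreach (explode(',', $str) as $column) {
            $columns[] = $this->quoteIdentifier($column);
        }
        $this->sql['field'] = implode(', ', $columns);
        return $this;
    }

    /**
     * SELECT statement shared by select() and find().
     *
     * @return string
     */
    private function selectSql()
    {
        return 'SELECT ' . $this->sql['field'] . ' FROM ' . $this->tableName()
            . $this->sql['where'] . $this->sql['order'] . $this->sql['limit'];
    }

    /**
     * Fetch all matching rows.
     *
     * @return array list of associative rows
     */
    public function select()
    {
        return $this->prepared($this->selectSql(), $this->where, 2);
    }

    /**
     * Fetch the first matching row.
     *
     * @return array|false associative row, or false when nothing matches
     */
    public function find()
    {
        return $this->prepared($this->selectSql(), $this->where, 1);
    }

    /**
     * Update the rows selected by where().
     *
     * @param array $array column => new value
     * @return int number of affected rows
     */
    public function save($array)
    {
        $sql = $this->saveSql($array);
        // WHERE values use :wN and SET values use :vN, so a column that
        // appears in both clauses keeps two separate values.
        $params = $this->where;
        $i = 0;
        foreach ($array as $val) {
            $params['v' . $i] = $val;
            $i++;
        }
        return $this->prepared($sql, $params);
    }

    /**
     * Build the UPDATE statement for save().
     *
     * @param array $array column => new value; only the keys are used here
     * @return string
     * @throws InvalidArgumentException when $array is empty, not an array, or a key is not a plain identifier
     */
    public function saveSql($array)
    {
        if (!is_array($array) || !$array) {
            throw new InvalidArgumentException('save() expects a non-empty array');
        }
        $assignments = array();
        $i = 0;
        foreach ($array as $key => $val) {
            $assignments[] = $this->quoteIdentifier($key) . ' = :v' . $i;
            $i++;
        }
        return 'UPDATE ' . $this->tableName() . ' SET ' . implode(', ', $assignments) . $this->sql['where'];
    }

    /**
     * Delete the rows selected by where().
     *
     * @return int number of affected rows
     */
    public function delete()
    {
        return $this->prepared('DELETE FROM ' . $this->tableName() . $this->sql['where'], $this->where);
    }

    /**
     * Insert one row.
     *
     * Returns the affected-row count reported by the statement, not the
     * generated key.
     *
     * @param array $array column => value
     * @return int number of affected rows
     */
    public function add($array)
    {
        $sql = $this->addSql($array);
        $params = array();
        $i = 0;
        foreach ($array as $val) {
            $params['v' . $i] = $val;
            $i++;
        }
        return $this->prepared($sql, $params);
    }

    /**
     * Build the INSERT statement for add().
     *
     * @param array $array column => value; only the keys are used here
     * @return string
     * @throws InvalidArgumentException when $array is empty, not an array, or a key is not a plain identifier
     */
    private function addSql($array)
    {
        if (!is_array($array) || !$array) {
            throw new InvalidArgumentException('add() expects a non-empty array');
        }
        $columns = array();
        $placeholders = array();
        $i = 0;
        foreach ($array as $key => $val) {
            $columns[] = $this->quoteIdentifier($key);
            $placeholders[] = ':v' . $i;
            $i++;
        }
        return 'INSERT INTO ' . $this->tableName()
            . ' (' . implode(', ', $columns) . ') VALUES (' . implode(', ', $placeholders) . ')';
    }

    /**
     * Prepare, bind and execute a statement.
     *
     * @param string $sql  statement with named placeholders
     * @param array  $data placeholder name (without the colon) => value
     * @param int    $echo 0 = affected-row count, 1 = first row, 2 = all rows
     * @return mixed
     * @throws RuntimeException with a generic message; SQL and driver details go to the error log only
     */
    private function prepared($sql, $data, $echo = 0)
    {
        try {
            $stmt = $this->db->prepare($sql, array(PDO::ATTR_CURSOR => PDO::CURSOR_FWDONLY));
            foreach ($data as $key => $val) {
                $stmt->bindValue(':' . $key, $val);
            }
            $stmt->execute();
        } catch (PDOException $ex) {
            // Dumping the statement, its parameters or the driver error into
            // the response would hand schema details to whoever caused it.
            error_log('PDOModel: query failed: ' . $ex->getMessage());
            throw new RuntimeException('Database query failed');
        }
        switch ($echo) {
            case 1:
                return $stmt->fetch(PDO::FETCH_ASSOC);
            case 2:
                return $stmt->fetchAll(PDO::FETCH_ASSOC);
            default:
                return $stmt->rowCount();
        }
    }

    /**
     * Release this instance's handle unless a persistent connection was requested.
     */
    public function __destruct()
    {
        if (!$this->long) {
            $this->db = null;
        }
    }
}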
模仿TP框架,用一个M()方法:
/**
 * ThinkPHP-style shortcut: build a PDOModel for the given table.
 *
 * The settings below (root account, empty password, local server) are demo
 * values. Outside a throw-away local setup, load the credentials from
 * configuration kept out of the source tree and connect with an account that
 * only has the privileges this table needs.
 *
 * @param string $field table name without the prefix
 * @return PDOModel
 */
function M($field)
{
    $settings = array(
        'dbtype' => 'mysql',
        'dbhost' => 'localhost',
        'dbname' => 'testPdo',
        'dbuser' => 'root',
        'dbpwd' => '',
    );

    return new PDOModel($settings, $field);
}
所有传值都应该是数组
<?php
require_once "PDOModel.class.php";

// Fetch the first row of the `infos` table whose `name` column equals 'adf'.
// The condition is passed as an array: the key is the column, the value is bound.
$result = M('infos')
    ->where(array('name' => 'adf'))
    ->find();