PDO对象连接数据库
1.可使用require调用数据库连接。新建一个PHP文档,命名config.php。
代码示例:
<?phpdefine('DB_HOST','localhost');//主机名define('DB_USER','root');//链接数据库用户名define('DB_PWD','142536');//链接数据库密码define('DB_NAME','mysqli');//数据库名称define('DB_PORT','3306');//数据库端口define('DB_TYPE','mysql');//数据库型号define('DB_CHARSET','utf8');//数据库编码方式define('DB_DSN',DB_TYPE.":host=".DB_HOST.";dbname=".DB_NAME.";charset=".DB_CHARSET);//定义PDO的DSN,数据源名,包括主机名,端口号和数据库名称$dsn='mysql:host=localhost;dbname=mysqli';//PDO驱动程序的名称,后面为一个冒号,再后面是可选的驱动程序链接数据库变量信息,如主机名,端口和数据名try{$pdo =new PDO(DB_DSN,DB_USER,DB_PWD);}catch(PDOException $e){echo $e->getMessage();//捕捉特定于数据库信息的PDOException 异常}catch(Throwable $e){echo $e->getMessage();//捕捉拥有Throwable 接口的错误或者其他异常}
使用require调用config.php使用。
2.直接在php文档中写入
代码示例:
<?phpheader('Content-type:text/html;charset=utf-8');$db ='mysql'; //数据库的类型$host = 'localhost'; //数据库地址$dbname = 'mysqli'; //数据库名称$charset = 'utf8'; //数据库字符集$user_name= 'root'; //数据源用户名$pass_word = '142536';//数据库密码$dsn ="$db:host=$host;dbname=$dbname;charset=$charset";//数据库驱动名称try{$pdo = new PDO($dsn,$user_name,$pass_word);}catch(PDOException $e){die("错误:".$e->getMessage()."<br>");}
使用PDO连接对数据库进行增删改查及防SQL注入
代码示例:
// PDO数据库的增加$password = md5(142536);$sql = "INSERT INTO user(`username`,`password`,`sex`,`age`,`email`,`mobile`) VALUES('白骨精','$password','女',85,'bgj@126.com','18954872145')";$res = $pdo->exec($sql);if($res){echo "添加成功了".$res."条数据";}else{echo "添加错误:".$pdo->errorCode();}echo "<hr>";// PDO 数据库删除$sql = "DELETE FROM `user` WHERE `username`='白骨精'";$res = $pdo->exec($sql);if($res){echo "删除成功了".$res."条数据";}else{echo "删除错误:".$pdo->errorCode();}echo "<hr>";//PDO 数据库修改$sql ="UPDATE `user` SET `age`=89,`mobile`='13555555555' WHERE `username`='唐三藏'";$res = $pdo->exec($sql);if($res){echo "成功更新了".$res."条数据";}else{echo "更新失败:".$pdo->errorCode();}echo "<hr>";//bindParam 防SQL注入$sql ="SELECT * FROM `user` WHERE `username`=? AND `password`=?";$stmt= $pdo->prepare($sql);$username ='唐三藏';$password = md5(142536);$stmt->bindParam(1,$username);$stmt->bindParam(2,$password);//PDOStatement::bindParam 绑定一个参数到知道的变量名//PDOStatement::bindValue 绑定一个值到一个参数$stmt->execute();//rowCount返回受上一个SQL语句影响的行$res = $stmt->rowCount();if($res){echo $username."登录成功";}else{echo "登录失败";}echo "<hr>";//bindValue 防SQL注入$sql ="SELECT * FROM `user` WHERE `username`=? AND `password`=?";$stmt= $pdo->prepare($sql);$stmt->bindValue(1,'唐三藏');$stmt->bindValue(2,$password= md5(142536));$stmt->execute();$res = $stmt->rowCount();if($res){echo "登录成功!";}else{echo "登录失败:".$pdo->errorCode();}echo "<hr>";//数据库查询$sql ="SELECT * FROM `user` ORDER BY `id` ";$stmt = $pdo->prepare($sql);$stmt->execute();$res = $stmt->fetchAll(PDO::FETCH_ASSOC);$table=<<<EOF<h2 align="center">用户信息</h2><table border="1" align="center"><tr align="center"><td>id</td><td>姓名</td><td>密码</td><td>性别</td><td>年龄</td><td>邮箱</td><td>手机</td></tr><tr>EOF;if($res){echo $table;foreach($res as $key ){foreach($key as $value){echo "<td>".$value."</td>";}echo "</tr>";}echo "</table>";}else{echo "查询失败:".$pdo->errorCode();}
示例图
