Function prepare
To use the template in Example 1, the first thing you have to do is to construct the prepare() function. To ensure that unquoted characters are accidentally parsed as placeholders, the function should remove the query All strings and temporarily store them in an array. The string itself will also be replaced by placeholders, which are usually recognized as string sequences that should not appear in the SQL statement. During the compilation of the query, the procedure placeholder is first replaced and then the string is put back into the query. This is done through the preg_replace() function and another helper callback function used as the preg_replace() function.
Example 2: prepare() function
/** * 把query准备为一个存储过程。 * @param string $query Prepared query text * @return void */ public function prepare($query) { $this->stored_procedure = true; $this->quote_store = array(); //清除引号 $this->query = preg_replace(self::$QUOTE_MATCH, '$this->sql_quote_replace("1"?"1":'2')', $query); } private function sql_quote_replace($match) { $number = count($this->query_strings); $this->query_strings[] = $match; return "$||$$number"; }
Note here the use of the static QUOTE_MATCH attribute private, as well as the quote_store attribute and the sql_quote_replace() function. Compared with protected, defining it as private here ensures that any subclass that overrides the prepare() method of the query class uses its own mechanism to remove quotes.
Function compile
The next step is to build the compile() and execute() functions.
The function compile() is as shown in Example 3, and its functions are as follows:
·The number of parameters accepted is variable (i.e., variable parameters), which will match the placeholders in the query.
·Check whether the placeholder is of the correct data type and replace it with the value in the parameter.
·Return the query as a string, but do not execute it.
·If the query object is not initialized as a stored procedure using the prepare() function, an exception will be thrown.
Example 3: compile() function
/** * 返回编译的query,但并不执行它。 * @param mixed $args,... Query Parameters * @return string Compiled Query */ public function compile($params) { if (! $this->stored_procedure) { throw new Exception("存储过程未被初始化!"); } /* 替代参数 */ $params = func_get_args(); // 取得函数参数 $query = preg_replace("/(?query); return $this->add_strings($query); //把字符串放回query中 } /** * 重新插入被prepare()函数移除的字符串。 */ private function add_strings($string) { $numbers = array_keys($this->query_strings); $count = count($numbers); $searches = array(); for($x = 0; $x < $count; $x++) { $searches[$x] = "$||${$numbers[$x]}"; } return str_replace($searches, $this->query_strings, $string); } /** * 每次执行,存储过程中都有一个占位符被替换。 */ protected function compile_callback($params, $index, $type) { --$index; /* 抛出一个异常 */ if (! isset($params[$index])) { throw new Exception("存储过程未收到所需的参数数目!"); } /* 可以在此添加别的类型,如日期和时间。 */ switch ($type) { case 'S': return '"' . $this->db->escape_string($params[$index]) . '"'; break; case 'I': return (int) $params[$index]; break; case 'N': return (float) $params[$index]; default: throw new Exception("存储过程中指定的数据类型 '$type' 无法识别。"); } }
The function compile() uses two additional functions, among which the compile_callback() function is used as the callback function in the preg_replace() function call, and is found in the query every time placeholder and replace it with the value passed to the compile function.
The above is the content of using PHP’s OOP features to achieve data protection (2). For more related content, please pay attention to the PHP Chinese website (www.php.cn)!

php把负数转为正整数的方法:1、使用abs()函数将负数转为正数,使用intval()函数对正数取整,转为正整数,语法“intval(abs($number))”;2、利用“~”位运算符将负数取反加一,语法“~$number + 1”。

实现方法:1、使用“sleep(延迟秒数)”语句,可延迟执行函数若干秒;2、使用“time_nanosleep(延迟秒数,延迟纳秒数)”语句,可延迟执行函数若干秒和纳秒;3、使用“time_sleep_until(time()+7)”语句。

php除以100保留两位小数的方法:1、利用“/”运算符进行除法运算,语法“数值 / 100”;2、使用“number_format(除法结果, 2)”或“sprintf("%.2f",除法结果)”语句进行四舍五入的处理值,并保留两位小数。

php字符串有下标。在PHP中,下标不仅可以应用于数组和对象,还可应用于字符串,利用字符串的下标和中括号“[]”可以访问指定索引位置的字符,并对该字符进行读写,语法“字符串名[下标值]”;字符串的下标值(索引值)只能是整数类型,起始值为0。

判断方法:1、使用“strtotime("年-月-日")”语句将给定的年月日转换为时间戳格式;2、用“date("z",时间戳)+1”语句计算指定时间戳是一年的第几天。date()返回的天数是从0开始计算的,因此真实天数需要在此基础上加1。

在php中,可以使用substr()函数来读取字符串后几个字符,只需要将该函数的第二个参数设置为负值,第三个参数省略即可;语法为“substr(字符串,-n)”,表示读取从字符串结尾处向前数第n个字符开始,直到字符串结尾的全部字符。

方法:1、用“str_replace(" ","其他字符",$str)”语句,可将nbsp符替换为其他字符;2、用“preg_replace("/(\s|\ \;||\xc2\xa0)/","其他字符",$str)”语句。

php判断有没有小数点的方法:1、使用“strpos(数字字符串,'.')”语法,如果返回小数点在字符串中第一次出现的位置,则有小数点;2、使用“strrpos(数字字符串,'.')”语句,如果返回小数点在字符串中最后一次出现的位置,则有。


Hot AI Tools

Undresser.AI Undress
AI-powered app for creating realistic nude photos

AI Clothes Remover
Online AI tool for removing clothes from photos.

Undress AI Tool
Undress images for free

Clothoff.io
AI clothes remover

AI Hentai Generator
Generate AI Hentai for free.

Hot Article

Hot Tools

Zend Studio 13.0.1
Powerful PHP integrated development environment

mPDF
mPDF is a PHP library that can generate PDF files from UTF-8 encoded HTML. The original author, Ian Back, wrote mPDF to output PDF files "on the fly" from his website and handle different languages. It is slower than original scripts like HTML2FPDF and produces larger files when using Unicode fonts, but supports CSS styles etc. and has a lot of enhancements. Supports almost all languages, including RTL (Arabic and Hebrew) and CJK (Chinese, Japanese and Korean). Supports nested block-level elements (such as P, DIV),

Notepad++7.3.1
Easy-to-use and free code editor

ZendStudio 13.5.1 Mac
Powerful PHP integrated development environment

VSCode Windows 64-bit Download
A free and powerful IDE editor launched by Microsoft
