PDO security processing and transaction processing methods

This article mainly introduces the security processing and transaction processing methods of PDO, which has certain reference value. Interested friends can refer to it.

Transaction is a very important function in operating a database. It allows you to schedule one or a series of SQL statements and then execute them together. During the execution, if one of them is executed If it fails, you can roll back all changed operations. If the execution is successful, then this series of operations will be permanently effective. Transactions solve the problem of out-of-synchronization when operating the database. At the same time, transactions can be used to perform large amounts of data At this time, the execution efficiency can be improved a lot.

Transaction processing has four characteristics: atomicity, consistency, independence, and durability. Not all databases support transaction processing. PDO provides transaction support for databases that can perform transaction processing.

1. PDO exception handling
PDO::ATTR_ERRMODE

1) PDO::ATTR_ERRMODE//Do not report errors (ignore) (0)

2) PDO::ERRMODE_WARNING
//Report errors as warnings (1)

3) PDO::ERRMODE_EXCEPTION //Report errors as exceptions Method of reporting error (2)

<?php 
//默认是PDO::ATTR_ERRMODE 不报错误(忽略)(0)，需要用errorCode()、errorInfo() 
try{ 
  $pdo=new PDO("mysql:host=localhost;dbname=myapp","root",""); 
//  $pdo->setAttribute(PDO::ATTR_ERRMODE,PDO::ERRMODE_WARNING); 
  $pdo->setAttribute(PDO::ATTR_ERRMODE,PDO::ERRMODE_EXCEPTION); 
}catch (PDOException $e){ 
  die("fail to connect db".$e->getMessage()); 
} 
$sql="INSERT INTO user VALUES(null,&#39;dabao&#39;,&#39;26&#39;)"; 
try{ 
  $res=$pdo->exec($sql); 
}catch (PDOException $e){ 
  echo $e->getMessage(); 
} 
//$res=$pdo->exec($sql); 
//if($res){ 
//  echo &#39;OK&#39;; 
//}else{ 
//  echo $pdo->errorCode(); 
//  echo &#39;<br/>&#39;; 
//  print_r($pdo->errorInfo()); 
//}

2. PDO preprocessing method

1 ) prepare() //Used to execute query SQL statements and return PDOStatement objects

2) bindValue() //Bind the value to a corresponding parameter and return a Boolean value

3) bindParam() //Bind the parameter to the corresponding query placeholder and return a Boolean value

4) bindColumn() //Used to match the column name and a specified The variable name

5) execute() // Execute a prepared prepared statement and return a Boolean value

6) rowCount() // Return to use Total number of rows affected after adding, deleting, modifying, and querying operation statements

<?php 
/** 
 * ？号式的预处理语句，共有三种绑定方式 
 */ 
 
//1.连接数据库 
try{ 
  $pdo=new PDO("mysql:host=localhost;dbname=myapp","root",""); 
}catch (PDOException $e){ 
  die("fail to connect db".$e->getMessage()); 
} 
 
//2.预处理的SQL语句 
$sql="INSERT INTO users(id,name,age) VALUES(?,?,?)"; 
$stmt=$pdo->prepare($sql); 
 
//3.对？号的参数进行绑定 
$id=null; 
$name="test103"; 
$age=103; 
 
//第一种绑定方式 
//$stmt->bindValue(1,$id); 
//$stmt->bindValue(2,$name); 
//$stmt->bindValue(3,$age); 
 
//第二种绑定方式 
//$stmt->bindParam(1,$id); 
//$stmt->bindParam(2,$name); 
//$stmt->bindParam(3,$age); 
 
//4.执行 
//$stmt->execute(); 
//第三种绑定方式：直接执行数组 
$stmt->execute(array($id,$name,$age)); 
echo $stmt->rowCount();

<?php 
/** 
 * 别名式的预处理语句，共有三种绑定方式 
 */ 
 
//1.连接数据库 
try{ 
  $pdo=new PDO("mysql:host=localhost;dbname=myapp","root",""); 
}catch (PDOException $e){ 
  die("fail to connect db".$e->getMessage()); 
} 
 
//2.预处理的SQL语句 
$sql="INSERT INTO users(id,name,age) VALUES(:id,:name,:age)"; 
$stmt=$pdo->prepare($sql); 
 
//3.参数进行绑定 
$id=null; 
$name="test203"; 
$age=23; 
 
//第一种绑定方式 
//$stmt->bindValue("id",$id); 
//$stmt->bindValue("name",$name); 
//$stmt->bindValue("age",$age); 
 
//第二种绑定方式 
//$stmt->bindParam("id",$id); 
//$stmt->bindParam("name",$name); 
//$stmt->bindParam("age",$age); 
 
//4.执行 
//$stmt->execute(); 
//第三种绑定方式：直接执行数组 
$stmt->execute(array("id"=>$id,"name"=>$name,"age"=>$age)); 
echo $stmt->rowCount();

<?php 
/** 
 * 用预处理方式查询数据 
 */ 
//1.连接数据库 
try{ 
  $pdo=new PDO("mysql:host=localhost;dbname=myapp","root",""); 
}catch (PDOException $e){ 
  die("fail to connect mysql".$e->getMessage()); 
} 
 
//2.预处理查询 
$sql="SELECT id,name,age FROM users"; 
$stmt=$pdo->prepare($sql); 
//3.执行 
$stmt->execute(); 
foreach($stmt as $val){ 
  echo $val[&#39;id&#39;]."------".$val[&#39;name&#39;]."------".$val[&#39;age&#39;]."<br/>"; 
}

3. Introduction to transaction processing operation methods
1) beginTransaction() //Start a thing (make a rollback point)

2) commit()
//Submit transaction

3) rollBack() //Transaction rollback operation

<?php 
//1.连接数据库 
try{ 
  $pdo=new PDO("mysql:host=localhost;dbname=myapp","root",""); 
  $pdo->setAttribute(PDO::ATTR_ERRMODE,PDO::ERRMODE_EXCEPTION); 
}catch (PDOException $e){ 
  die("fail to connect db".$e->getMessage()); 
} 
//2.执行数据操作 
try{ 
  //开启事物 
  $pdo->beginTransaction(); 
  $sql="insert into users(id,name,age) VALUES(?,?,?)"; 
  $stmt=$pdo->prepare($sql); 
  //传入参数 
  $stmt->execute(array(null,"test1","21")); 
  $stmt->execute(array(null,"test2","22")); 
  $stmt->execute(array(null,"test3","23")); 
  //提交事物 
  $pdo->commit(); 
}catch (PDOException $e){ 
  die("fail to execute".$e->getMessage()); 
  //事物回滚 
  $pdo->roolback(); 
}

The above is the entire content of this article, I hope it will be helpful to everyone's study.

Related recommendations:

phpDetailed implementation of handling high concurrent requests for rush purchases

phpHow to get the real-time usage of CPU memory in Windows

Detailed explanation of PHP half search algorithm case

The above is the detailed content of PDO security processing and transaction processing methods. For more information, please follow other related articles on the PHP Chinese website!