PHP complete se...login
PHP complete self-study manual
author:php.cn  update time:2022-04-15 13:53:54

PHP MySQL insert multiple pieces of data



Use MySQLi and PDO to insert multiple pieces of data into MySQL

The mysqli_multi_query() function can be used to execute multiple SQL statements.

Related video tutorial recommendations: "mysql tutorial"http://www.php.cn/course/list/51.html

The following example adds three new records to the "MyGuests" table:

Example (MySQLi - Object Oriented)

<?php
$servername = "localhost";
$username = "username";
$password = 
"password";
$dbname = 
"myDB";
// 创建链接
$conn = 
new mysqli($servername, $username, $password, $dbname);
// 检查链接
if ($conn->connect_error) {
    die("连接失败: " . $conn->connect_error);
}
$sql = "INSERT INTO 
MyGuests (firstname, lastname, email)
VALUES ('John', 'Doe', 'john@example.com');";
$sql .= "INSERT INTO 
MyGuests (firstname, lastname, email)
VALUES ('Mary', 'Moe', 'mary@example.com');";
$sql .= "INSERT INTO 
MyGuests (firstname, lastname, email)
VALUES ('Julie', 'Dooley', 'julie@example.com')";
if ($conn->multi_query($sql) === TRUE) {
    echo "新记录插入成功";
} else {
    echo 
"Error: " . $sql . "<br>" . $conn->error;
}
$conn->close();
?>
Note#Please note that each SQL statement must be separated by a semicolon.

Example (MySQLi - Procedure Oriented)

<?php
$servername = "localhost";
$username = "username";
$password = "password";
$dbname = "myDB";
// 创建链接
$conn = mysqli_connect($servername, $username, $password, 
$dbname);
// 检查链接
if (!$conn) {
    die("连接失败: " . mysqli_connect_error());
}
$sql = "INSERT INTO 
MyGuests (firstname, lastname, email)
VALUES ('John', 'Doe', 'john@example.com');";
$sql .= "INSERT INTO 
MyGuests (firstname, lastname, email)
VALUES ('Mary', 'Moe', 'mary@example.com');";
$sql .= "INSERT INTO 
MyGuests (firstname, lastname, email)
VALUES ('Julie', 'Dooley', 'julie@example.com')";
if (mysqli_multi_query($conn, $sql)) {
    echo "新记录插入成功";
} else {
    echo "Error: " 
. $sql . "<br>" . mysqli_error($conn);
}
mysqli_close($conn);
?>

Example (PDO)

<?php
$servername = "localhost";
$username = "username";
$password = "password";
$dbname = "myDBPDO";
try {
    $conn = new PDO("mysql:host=$servername;dbname=$dbname", 
$username, $password);
    
// set the PDO error mode to exception
    $conn->setAttribute(PDO::ATTR_ERRMODE, 
PDO::ERRMODE_EXCEPTION);
    // 开始事务
    
$conn->beginTransaction();
    //  SQL 语句
    
$conn->exec("INSERT INTO MyGuests (firstname, lastname, email) 
    
VALUES ('John', 'Doe', 'john@example.com')");
    
$conn->exec("INSERT INTO MyGuests (firstname, lastname, email) 
    
VALUES ('Mary', 'Moe', 'mary@example.com')");
    
$conn->exec("INSERT INTO MyGuests (firstname, lastname, email) 
    
VALUES ('Julie', 'Dooley', 'julie@example.com')");
    
// 提交事务
    $conn->commit();
    
echo "新记录插入成功";
 }
catch(PDOException $e)
{
    
// 如果执行失败回滚
    
$conn->rollback();
    
echo $sql . "<br>" . $e->getMessage();
 }
$conn = null;
?>

Using prepared statements

The mysqli extension provides a second way to insert statements.

We can prepare statements and bind parameters.

mysql extension can send statements or queries to the mysql database without data. You can nematically associate or "bind" variables.

Example (MySQLi uses prepared statements)

<?php
$servername = "localhost";
$username = "username";
$password = "password";
$dbname = "myDB";
// 创建连接
$conn = new mysqli($servername, $username, $password, $dbname);
// 检测连接
if ($conn->connect_error) {
    die("连接失败: " . $conn->connect_error);
} else {
    $sql = "INSERT INTO 
MyGuests VALUES(?, ?, ?)";
    // 为  mysqli_stmt_prepare() 初始化statement 对象
    $stmt = mysqli_stmt_init($conn);
    //预处理语句
if (mysqli_stmt_prepare($stmt, $sql)) {
// 绑定参数
mysqli_stmt_bind_param($stmt, 'sss', $firstname, $lastname, $email);
// 设置参数并执行
$firstname = 'John';
$lastname = 'Doe';
$email = 'john@example.com';      
mysqli_stmt_execute($stmt);    
$firstname = 'Mary';
$lastname = 'Moe';
$email = 'mary@example.com';        
mysqli_stmt_execute($stmt);        
$firstname = 'Julie';        
$lastname = 'Dooley';
$email = 'julie@example.com';        
mysqli_stmt_execute($stmt);
    }
}
?>
We can see that modularization is used to solve the problem in the above example. We can achieve easier reading and management by creating code blocks.

Pay attention to the binding of parameters. Let's take a look at the code in mysqli_stmt_bind_param():

mysqli_stmt_bind_param($stmt, 'sss', $firstname, $lastname, $email);

This function binds the parameter query and passes the parameters to the database. The second parameter is "sss" . The following list shows the parameter types. The s character tells mysql that the parameter is a string.

can be the following four parameters:

  • i - integer

  • d - double precision floating point number

  • s - String

  • b - Boolean value

Each parameter must specify a type to ensure data security. Type judgment can reduce the risk of SQL injection vulnerabilities.

php.cn