php访问mysql.pptx

MySql APIs in PHPMySql APIsmysqlOriginal MySQL APImysqliMySQL “improved” APIPDOPHP Data ObjectsMySql APIsmysqlmysqliPDOIntroducedv2.0v5.0v5.1Deprecatedv5.5--Included with PHPYesYesYesPre-configured for MySQLYesYesOther db supportedYesProcedual InterfaceYesYesObject-oriented InterfaceYesYesPrepared statementsYesYesProcedual vs OOProcedualObject-orientedmysqli_connect$mysqli = new mysqlimysqli_connect_errno$mysqli -connect_errnomysqli_connect_error$mysqli-connect_errormysqli_real_escape_string$mysqli-real_escape_stringmysqli_query$mysqli-querymysqli_fetch_assoc$mysqli-fetch_assocmysqli_close$mysqli-closeConnect to MySqlPHP - MySql (5 steps)Create a database connectionPerform database queryUse returned data(if any)Release returned dataClose database connectionStep 1$conn = mysqli_connect($db_host, $db_user, $db_pass, $db_name);Create database connectionmysqli_connect()mysqli_connect_errno()mysqli_connect_error()mysqli_set_charset($conn, utf8);Step 2Perform database querymysqli_query()Step 3Use returned datamysqli_fetch_row()keys are integers(standard array)mysqli_fetch_assoc()associative array, keys are column namesmysqli_fetch_array()either or both types of arraysMYSQL_NUM, MYSQL_ASSOC, MYSQL_BOTHStep 4Release returned datamysqli_free_result() Step 5Close database connectionmysqli_close()insertSuccessFailureselectresourse(结果集对象)falseinserttruefalseupdatetruefalsedeletetruefalsemysqli_query()mysqli_insert_id()mysqli_affected_rows()SQL Injection表单中填入精心构造的SQL脚本例如: 正常条件 or 1防止SQL injection对接收的表单数据进行转义mysqli_real_escape_string($conn, $string)Prepared StatementsPrepare statement once, reuse many timesFasterSeparate query from dynamic dataPrevents SQL injectionPrepared Statements$query = “select id, name, age ”;$query .= “from student ”;$query .= “where id = ? and name = ?”;$stmt = mysqli_prepare($conn, $query);mysqli_stmt_bind_param($stmt, ‘ss’, $id, $name);mysqli_stmt_exectue($stmt);mysqli_stmt_bind_result($stmt, $r_id, $r_name, $r_age);mysqli_stmt_fetch($stmt);mysqli_stmt