問(wèn)題描述
讓對(duì) PDO 的引用等于 PDO 對(duì)象而不是 PDO 本身--
我看到 這里 有 PDO->query() 和 PDO->exec().在鏈接的頁(yè)面中,PDO->query(); 似乎僅用于 SELECT 語(yǔ)句,而 PDO->exec() 用于 UPDATE,INSERT,DELETE 語(yǔ)句.現(xiàn)在,我是 PDO 的新手,所以我不確定在使用它方面發(fā)生了什么相當(dāng),所以我希望解釋為什么要使用不同的方法,以及為什么有不同的方法.
I see here that there is both PDO->query() and PDO->exec(). In the page that was linked, it appears that PDO->query(); is used for SELECT statements ONLY, and PDO->exec() is used for UPDATE,INSERT,DELETE statements. Now, I am brand new to PDO, so I'm not sure what is going on in terms of using it quite yet, so I would appreciate an explanation on why to use the different methods, and why there are different methods.
推薦答案
盡管有任何理論上的差異,但無(wú)論如何都不應(yīng)該使用這些函數(shù) - 所以,沒(méi)有什么可擔(dān)心的.
Despite of whatever theoretical difference, none of these functions should be used anyway - so, there is nothing to concern of.
使用 PDO 的唯一原因是支持準(zhǔn)備好的語(yǔ)句,但這些函數(shù)都沒(méi)有提供它.因此,不應(yīng)使用它們.
The only reason of using PDO is support for prepared statements, but none of these functions offers it. So, they shouldn't be used.
改用prepare()/execute(),尤其用于UPDATE、INSERT、DELETE語(yǔ)句.
Use prepare()/execute() instead, especially for UPDATE,INSERT,DELETE statements.
請(qǐng)注意,雖然準(zhǔn)備好的聲明被廣泛宣傳為一種安全措施,但它只是為了引起人們的注意.但他們真正的目的是正確的查詢格式.這也為您提供了安全性 - 因?yàn)楦袷秸_的查詢也不能被注入 - 就像副作用一樣.但同樣 - 格式化是一個(gè)主要目標(biāo),因?yàn)槿绻袷讲徽_,即使是無(wú)害的數(shù)據(jù)也可能導(dǎo)致查詢錯(cuò)誤.
Please note that although prepared statements are widely advertised as a security measure, it is only to attract people's attention. But their real purpose is proper query formatting. Which gives you security too - as properly formatted query cannot be injected as well - just as side effect. But again - formatting is a primary goal, just because even innocent data may cause a query error if not formatted properly.
請(qǐng)注意,execute() 僅返回 TRUE 或 FALSE 以指示操作成功.對(duì)于其他信息,例如受 UPDATE 影響的記錄數(shù),提供了諸如 rowCount() 之類的方法.請(qǐng)參閱文檔.
Please note that execute() returns only TRUE or FALSE to indicate success of the operation. For other information, such as the number of records affected by an UPDATE, methods such as rowCount() are provided. See the docs.
這篇關(guān)于PDO->query() 和 PDO->exec() 之間的區(qū)別的文章就介紹到這了,希望我們推薦的答案對(duì)大家有所幫助,也希望大家多多支持html5模板網(wǎng)!