exec("SET NAMES UT">
时间:2021-07-01 10:21:17 帮助过:32人阅读
query("SET NAMES UTF8"); $dbh->exec("SET NAMES UTF8"); } catch(Exception $e) { echo 'data error: '.$e->getMessage(); }}//关闭数据库连接public function sql_close(){ $dbh=null;}//查询数据库public function my_query($sql){ $this->sql_open(); //$this->sth = $this->dbh->query($sql); //$result = $this->sth->fetchAll(); //return $result; 这里面怎么写才能返回数据? }}?>
my_query('SELECT * FROM user_type order by user_id') as $row){//这里循环输出查询内容}$mysql->sql_close();?>
1楼围观。等大神解答!
$this->dbh = new PDO($dsn, $user, $pass);
你的my_query看上去没错,将注释的那几行打开。先试试看。
终于搞定了,看了网上众多代码,测试失败了无数次,结果是弄出来了,插入,删除,更新的通用类,请大神指点下这样做有没有什么弊端,会不会影响性能等。下一步研究下那个参数化,据说可以防止sql注入。
conn.php内容:
dsn, $this->user,$this->pass); $dbh->query("SET NAMES UTF8"); return $dbh->query($sql); $dbh=null; } catch(Exception $e) { echo 'error: '.$e->getMessage(); }}//操作单条数据(更新/删除/插入),无返回结果public function sql_one($sql){ try { $dbh = new PDO($this->dsn, $this->user,$this->pass); $dbh->exec("SET NAMES UTF8"); $dbh->exec($sql); $dbh=null; } catch(Exception $e) { echo 'error: '.$e->getMessage(); }}//操作多条数据(更新/删除),无返回结果public function sql_more($sql,$str){ try { $dbh = new PDO($this->dsn, $this->user,$this->pass); $dbh->exec("SET NAMES UTF8"); foreach($str as $arrs) { $dbh->exec($sql.$arrs); } $dbh=null; } catch(Exception $e) { echo 'error: '.$e->getMessage(); } }}?>
include 'conn.php';$mysql = new my_sql;//操作单挑数据$mysql->sql_one("DELETE FROM `user_type` WHERE `user_id` = ".$_REQUEST['id']."");//读取内容$aa=$mysql->sql_select('SELECT * FROM user_type order by user_id'); foreach ($aa as $row) {//输出内容echo '
你现在这个不能防注入,防注入需要用PDO::prepare
prepare('SELECT name, colour, calories FROM fruit WHERE calories < ? AND colour = ?');$sth->execute(array(150, 'red'));$red = $sth->fetchAll();$sth->execute(array(175, 'yellow'));$yellow = $sth->fetchAll();?>
你现在这个不能防注入,防注入需要用PDO::prepare
prepare('SELECT name, colour, calories FROM fruit WHERE calories < ? AND colour = ?');$sth->execute(array(150, 'red'));$red = $sth->fetchAll();$sth->execute(array(175, 'yellow'));$yellow = $sth->fetchAll();?>