动态准备好的插入语句 [英] dynamic prepared insert statement

查看:78
本文介绍了动态准备好的插入语句的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

让我作为序言,我刚刚开始学习准备好的语句,所以其中很多内容可能很难掌握,但我想尝试.

我正在尝试在我的DatabaseObject类中创建一个动态创建函数.该函数将采用可能具有任意数量的不同允许数据类型的任意数量的值.不幸的是,我没有尝试过.这是代码.

public function create() {
    $db = Database::getInstance();
    $mysqli = $db->getConnection();
    //array of escaped values of all types in the object
    $attributes = $this->sanitized_attributes();

    $check = $mysqli->stmt_init();

    $paramType = array();

    $types = ''; $bindParam = array(); $where = ''; $count = 0;

    foreach($attributes as $key=>$val)
    {
        $types .= 'i';
        $bindParam[] = '$p'.$count.'=$param["'.$key.'"]'; 
        $where .= "$key = ? AND ";
        $count++;
    }

    $sql_query = "INSERT INTO `".static::$table_name."` ";  

    $sql_query .= "VALUES (";

    foreach ($attributes as $key => $value) {
        $valueType = gettype($value);

        if ($valueType == 'string') {
            $sql_query .= "?,";
            array_push($paramType, "s");
        } else if ($valueType == 'integer') {
            $sql_query .= "?,";
            array_push($paramType, "i");
        } else if ($valueType == 'double') {
            $sql_query .= "?,";
            array_push($paramType, "d");
        } else {
            $sql_query .= "?,";
            array_push($paramType, "b");
        }           
    }

    $sql_query .= ")";
}

在这一点上,我对应该做的事情完全迷失了.

我已经准备好了简单的预备语句,但是这一语句更加复杂和动态,我不知道我是否正确地处理了这一点,以及如何按照sql_query进行操作才能获得此结果.工作.这里的所有问题都让我感到困惑,所以也许如果我用当前代码得到指导,看看我哪里出了问题,它将为您提供帮助.

感谢您的宝贵时间.

解决方案

public function create() {
    $db = Database::getInstance();
    $mysqli = $db->getConnection();

    $attributes = $this->sanitized_attributes();

    $tableName = static::$table_name;

    $columnNames = array();
    $placeHolders = array();
    $values = array();

    foreach($attributes as $key=>$val)
    {
        // skip identity field
        if ($key == static::$identity)
            continue;
        $columnNames[] = '`' . $key. '`';
        $placeHolders[] = '?';
        $values[] = $val;
    }

    $sql = "Insert into `{$tableName}` (" . join(',', $columnNames) . ") VALUES (" . join(',', $placeHolders) . ")";

    $statement = $mysqli->stmt_init();
    if (!$statement->prepare($sql)) {
        die("Error message: " . $mysqli->error);
        return;
    }

    $bindString = array();
    $bindValues = array();

    // build bind mapping (ssdib) as an array
    foreach($values as $value) {
        $valueType = gettype($value);

        if ($valueType == 'string') {
            $bindString[] = 's';
        } else if ($valueType == 'integer') {
            $bindString[] = 'i';
        } else if ($valueType == 'double') {
            $bindString[] = 'd';
        } else {
            $bindString[] = 'b';
        }

        $bindValues[] = $value;
    }

    // prepend the bind mapping (ssdib) to the beginning of the array
    array_unshift($bindValues, join('', $bindString));

    // convert the array to an array of references
    $bindReferences = array();
    foreach($bindValues as $k => $v) {
        $bindReferences[$k] = &$bindValues[$k];
    }

    // call the bind_param function passing the array of referenced values
    call_user_func_array(array($statement, "bind_param"), $bindReferences);

    $statement->execute();  
    $statement->close();

    return true;
}

我想特别指出我自己找不到解决方案.我有很长时间的开发人员找到了此解决方案,并希望将其发布给可能想知道的人.

Let me preface that I just started learning prepared statements so much of this might just be to much to grasp, but I want to try.

I am trying to make a dynamic create function within my DatabaseObject class. The function would take any number of values of potentially any number of the different allowed data types. Unfortunately nothing I have tried has worked. Here is the code.

public function create() {
    $db = Database::getInstance();
    $mysqli = $db->getConnection();
    //array of escaped values of all types in the object
    $attributes = $this->sanitized_attributes();

    $check = $mysqli->stmt_init();

    $paramType = array();

    $types = ''; $bindParam = array(); $where = ''; $count = 0;

    foreach($attributes as $key=>$val)
    {
        $types .= 'i';
        $bindParam[] = '$p'.$count.'=$param["'.$key.'"]'; 
        $where .= "$key = ? AND ";
        $count++;
    }

    $sql_query = "INSERT INTO `".static::$table_name."` ";  

    $sql_query .= "VALUES (";

    foreach ($attributes as $key => $value) {
        $valueType = gettype($value);

        if ($valueType == 'string') {
            $sql_query .= "?,";
            array_push($paramType, "s");
        } else if ($valueType == 'integer') {
            $sql_query .= "?,";
            array_push($paramType, "i");
        } else if ($valueType == 'double') {
            $sql_query .= "?,";
            array_push($paramType, "d");
        } else {
            $sql_query .= "?,";
            array_push($paramType, "b");
        }           
    }

    $sql_query .= ")";
}

At this point I am completely lost as to what I am suppose to do.

I have gotten simple prepared statements to work, but this one is much more complicated and dynamic and I don't know if I handled the process up to this point correctly and what to do following the sql_query in order to get this to work. All the questions here have left me confused so maybe if I got guidance with my current code to see where i went wrong it will assist.

I appreciate your time.

解决方案 

public function create() {
    $db = Database::getInstance();
    $mysqli = $db->getConnection();

    $attributes = $this->sanitized_attributes();

    $tableName = static::$table_name;

    $columnNames = array();
    $placeHolders = array();
    $values = array();

    foreach($attributes as $key=>$val)
    {
        // skip identity field
        if ($key == static::$identity)
            continue;
        $columnNames[] = '`' . $key. '`';
        $placeHolders[] = '?';
        $values[] = $val;
    }

    $sql = "Insert into `{$tableName}` (" . join(',', $columnNames) . ") VALUES (" . join(',', $placeHolders) . ")";

    $statement = $mysqli->stmt_init();
    if (!$statement->prepare($sql)) {
        die("Error message: " . $mysqli->error);
        return;
    }

    $bindString = array();
    $bindValues = array();

    // build bind mapping (ssdib) as an array
    foreach($values as $value) {
        $valueType = gettype($value);

        if ($valueType == 'string') {
            $bindString[] = 's';
        } else if ($valueType == 'integer') {
            $bindString[] = 'i';
        } else if ($valueType == 'double') {
            $bindString[] = 'd';
        } else {
            $bindString[] = 'b';
        }

        $bindValues[] = $value;
    }

    // prepend the bind mapping (ssdib) to the beginning of the array
    array_unshift($bindValues, join('', $bindString));

    // convert the array to an array of references
    $bindReferences = array();
    foreach($bindValues as $k => $v) {
        $bindReferences[$k] = &$bindValues[$k];
    }

    // call the bind_param function passing the array of referenced values
    call_user_func_array(array($statement, "bind_param"), $bindReferences);

    $statement->execute();  
    $statement->close();

    return true;
}

I want to make special note that I did not find the solution myself. I had a long time developer find this solution and wanted to post it for those that might want to know.

这篇关于动态准备好的插入语句的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
PHP最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆