PDO MySQL如何处理已准备好的语句中的参数? [英] How does PDO MySQL handle parameters in prepared statements?
问题描述
例如,在我准备的讲义中的命名占位符"中,我可以拥有:
For example in Named Placeholder in my prepared statemens, I can have:
<?php
$stmt = $db->prepare("SELECT * FROM table WHERE id=:id AND name=:name");
$stmt->bindValue(':id', $id, PDO::PARAM_INT);
$stmt->bindValue(':name', $name, PDO::PARAM_STR);
$stmt->execute();
$rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
将->bindValue与PDO::PARAM_INT一起使用is_int或"is_numeric" PHP函数检查$id是否确实是整数,或者以其他方式检查,如果$id设置了PDO::PARAM_INT的->bindValue不是它期望的吗?
Will the ->bindValue with PDO::PARAM_INT check if the $id is really an integer using "is_int" or "is_numeric" PHP functions, or somehow otherwise, and will it fail and crash if the $id isn't what ->bindValue with PDO::PARAM_INT setting set expects it to be?
我是PDO MySQL的新手,我也想知道:
I am new to PDO MySQL and I am also wondering will the:
$stmt->bindValue(':name', $name, PDO::PARAM_STR);
如果在$name中解决了任何编码问题,能否自动处理修剪和剥离标签?
Fix any encoding issues if accountered in $name, can it automatically deal trimming and striping tags as well?
推荐答案
将-> bindValue与PDO :: PARAM_INT一起检查$ id是否真的是一个整数
Will the ->bindValue with PDO::PARAM_INT check if the $id is really an integer using
它不会被检查.将变量绑定为PARAM_INT将使PHP首先简单地将其强制转换为整数(int)"123".没有错误发生,非数字字符串将被简单地转换为零.另请参见将字符串转换为数字.
It will not be checked. Binding a variable as PARAM_INT will make PHP simply cast it to integer (int)"123" first. No errors occur, non-numeric strings will simply be cast to zero. See also the PHP manual on String conversion to numbers.
... PDO :: PARAM_STR);
如果解决了$ name中的编码问题,是否还能自动处理修剪和剥离标签?
... PDO::PARAM_STR);
Fix any encoding issues if accountered in $name, can it automatically deal trimming and striping tags as well?
对于字符串类型的参数,不会自动调整或转换所传递的值.
For string-type parameters there will be no automatic trimming or transformation of the passed value.
如果输入字符集与数据库字符集不同,则编码将由PDO驱动程序或接收数据库服务器进行调整.但这就是全部.
If the input charset differs from the database charset, then the encoding will be adapted either by the PDO driver, or by the receiving database server. But that's all.
这篇关于PDO MySQL如何处理已准备好的语句中的参数?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
