在带有 PDO 的 PHP 中，如何检查最终的 SQL 参数化查询? [英] In PHP with PDO, how to check the final SQL parametrized query?

问题描述

在PHP中，使用参数化查询的PDO访问MySQL数据库时，如何检查最终查询(替换所有令牌后)?

In PHP, when accessing MySQL database with PDO with parametrized query, how can you check the final query (after having replaced all tokens)?

有没有办法检查数据库真正执行了什么?

Is there a way to check what gets really executed by the database?

推荐答案

所以我想我最终会回答我自己的问题，以便为记录提供完整的解决方案.但必须感谢 Ben James 和 Kailash Badu，他们为此提供了线索.

So I think I'll finally answer my own question in order to have a full solution for the record. But have to thank Ben James and Kailash Badu which provided the clues for this.

简答
正如本·詹姆斯所说:不.
完整的SQL查询在PHP端是不存在的，因为query-with-tokens和参数是分开发送到数据库的.仅在数据库端存在完整查询.

Short Answer
As mentioned by Ben James: NO.
The full SQL query does not exist on the PHP side, because the query-with-tokens and the parameters are sent separately to the database. Only on the database side the full query exists.

即使尝试在 PHP 端创建一个函数来替换令牌也不能保证替换过程与 SQL 相同(棘手的东西，如令牌类型、bindValue 与 bindParam，...)

Even trying to create a function to replace tokens on the PHP side would not guarantee the replacement process is the same as the SQL one (tricky stuff like token-type, bindValue vs bindParam, ...)

解决方法
这是我详细阐述Kailash Badu的回答的地方.通过记录所有 SQL 查询，我们可以看到服务器上真正运行的是什么.使用 mySQL，这可以通过更新 my.cnf(或在我使用 Wamp 服务器的情况下为 my.ini)并添加如下一行来完成:

Workaround
This is where I elaborate on Kailash Badu's answer. By logging all SQL queries, we can see what is really run on the server. With mySQL, this can be done by updating the my.cnf (or my.ini in my case with Wamp server), and adding a line like:

log=[REPLACE_BY_PATH]/[REPLACE_BY_FILE_NAME]

不要在生产中运行它！！！

这篇关于在带有 PDO 的 PHP 中，如何检查最终的 SQL 参数化查询?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！