如何在Postgres中使用准备好的语句 [英] How to use prepared statements with Postgres

问题描述

我知道我需要准备好的语句，因为在一个脚本中我对数据库进行了多次调用.

I know that I need prepared statements because I make more than one call to my database during one script.

我想获得有关以下句子的具体示例

看看类型转换，验证和清理变量以及将PDO与预准备语句一起使用.

Look at typecasting, validating and sanitizing variables and using PDO with prepared statements.

我知道他通过验证和清除变量的含义.但是，我对准备好的陈述并不完全确定.我们如何准备报表?通过过滤器，就是通过消毒?还是通过某些PDO层?层的定义是什么?

I know what he mean by validating and sanitizing variables. However, I am not completely sure about prepared statements. How do we prepare statements? By filters, that is by sanitizing? Or by some PDO layer? What is the definition of the layer?

准备好的语句在语句中意味着什么?请使用具体示例.

推荐答案

准备好的语句在什么意义上 声明?

What do prepared statements mean in the statement?

从文档:

此功能允许将要重复使用的命令解析和计划一次，而不是每次执行时都进行解析和计划.

This feature allows commands that will be used repeatedly to be parsed and planned just once, rather than each time they are executed.

请参见 pg_prepare

上面链接的页面中的示例:

Example from the page linked above:

<?php
// Connect to a database named "mary"
$dbconn = pg_connect("dbname=mary");

// Prepare a query for execution
$result = pg_prepare($dbconn, "my_query", 'SELECT * FROM shops WHERE name = $1');

// Execute the prepared query.  Note that it is not necessary to escape
// the string "Joe's Widgets" in any way
$result = pg_execute($dbconn, "my_query", array("Joe's Widgets"));

// Execute the same prepared query, this time with a different parameter
$result = pg_execute($dbconn, "my_query", array("Clothes Clothes Clothes"));
?>

有关预准备语句的MySQL文档很好地回答了以下问题:

The MySQL documentation for Prepared Statements nicely answers the following questions:

• 为什么要使用准备好的语句?
• 何时应使用准备好的 声明?

• Why use prepared statements?
• When should you use prepared statements?

这篇关于如何在Postgres中使用准备好的语句的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！