MySQLi和PDO哪种方式更安全 [英] Which method is more secure between MySQLi and PDO

问题描述

到目前为止，我看到 MySQLi 和 PDO 都是连接数据库的好方法.我需要的是两者之间哪种方法更安全.特别是对于一个为一个大项目开发网站的人来说，将会有大量的人进行交互

So far, I'm seeing that both MySQLi and PDO are good methods when connecting to the database. What I need is which method is more secure between the two. Especially for a person developing a site for a big project that will interact will a large number of people

推荐答案

这两个库都提供 SQL 注入安全性，只要开发人员按预期方式使用它们(在需要时使用准备好的语句正确转义/参数绑定).

Both libraries provide SQL injection security, as long as the developer uses them the way they were intended (proper escaping / parameter binding with prepared statements when it's needed).

安全性没有区别.PDO 和 Mysqli 的主要区别在于 PDO 支持各种数据库，而 mysqli 仅支持 MySQL.MySQLi 也快一点.PDO 支持 12 种不同的驱动程序，而 MySQLi 只支持 MySQL.

There is no difference in security. The main difference between PDO and Mysqli is that PDO supports various databases and mysqli supports only MySQL. MySQLi is also a bit faster. PDO supports 12 different drivers, opposed to MySQLi, which supports MySQL only.

所以关于安全性没有区别，因为它们都使用带有转义的准备好的语句.

So about security there's no difference because they both use prepared statements with escaping.

这篇关于MySQLi和PDO哪种方式更安全的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！