Need Some Explanation of PHP PDO....!


Problem description

function get_actor_info( $actor_id ) {

    global $pdo;

    $stmt = $pdo->prepare('
            SELECT film_info, first_name, last_name 
            FROM actor_info
            WHERE actor_id = :actor_id
            LIMIT 1');

    $stmt->execute( array( ':actor_id' => $actor_id ) );

    return $stmt->fetch( PDO::FETCH_OBJ );
}

In the example above, why is the MySQL select WHERE ... :actor_id followed by this : column, and the same thing in return $stmt->fetch( PDO::FETCH_OBJ ); why use a double column?

Recommended answer

The string :actor_id is not a variable. It's a placeholder to bind the actual variable $actor_id value to the SQL string.

Your $stmt string is a query with a placeholder.

The actual value of the where clause is passed using the execute() method upon execution.

Why would you want to do this? PDO allows for prepared statements, and its binding helps to abstract away having to escape the variable's string as you would if you were just concatenating the $actor_id into your SQL string.

This helps with query re-usability and security.
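
The contrast the answer describes, concatenation versus a bound `:actor_id` placeholder, as an added example that is not part of the original question or answer. It assumes the `pdo_sqlite` extension and uses a constructed in-memory table in place of the page's `actor_info`; the function names `get_actor_concat` and `get_actor_bound` are hypothetical.

```php
<?php
// Added example. Assumption: pdo_sqlite is available; the table and rows
// below are constructed stand-ins for the actor_info table on the page.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE actor_info (
    actor_id INTEGER PRIMARY KEY, first_name TEXT, last_name TEXT, film_info TEXT)');
$pdo->exec("INSERT INTO actor_info VALUES
    (1, 'ANN', 'EXAMPLE', 'Film A'), (2, 'BOB', 'SAMPLE', 'Film B')");

// Before: the value is concatenated into the SQL text, so whatever the
// caller passes is parsed by the database as part of the statement.
function get_actor_concat(PDO $pdo, string $actor_id): array
{
    $sql = 'SELECT film_info, first_name, last_name
            FROM actor_info WHERE actor_id = ' . $actor_id;
    // PDO::FETCH_OBJ is a constant of the PDO class. The "::" is PHP's
    // scope resolution operator and is unrelated to the single ":" that
    // marks the :actor_id placeholder inside the SQL string.
    return $pdo->query($sql)->fetchAll(PDO::FETCH_OBJ);
}

// After: the SQL text is fixed at prepare() time. The value arrives
// separately in execute() and is only ever compared as data.
function get_actor_bound(PDOStatement $stmt, string $actor_id): array
{
    $stmt->execute([':actor_id' => $actor_id]);
    return $stmt->fetchAll(PDO::FETCH_OBJ);
}

// Prepared once, then reused for every lookup (the re-usability point).
$stmt = $pdo->prepare('
    SELECT film_info, first_name, last_name
    FROM actor_info
    WHERE actor_id = :actor_id');

// Constructed inputs: two ordinary ids and one carrying extra SQL text.
$inputs = ['1', '2', '2 OR 1=1'];

foreach ($inputs as $input) {
    printf(
        "input=%-10s concat=%d row(s)  bound=%d row(s)\n",
        "'" . $input . "'",
        count(get_actor_concat($pdo, $input)),
        count(get_actor_bound($stmt, $input))
    );
}
```

For the third input the concatenated query evaluates `OR 1=1` as part of the WHERE clause, while the prepared statement passes the whole string as a single value for `:actor_id`.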
