如何在 Postgres 中使用准备好的语句 [英] How to use prepared statements with Postgres

问题描述

我知道我需要准备好的语句，因为我在一个脚本中多次调用我的数据库.

I know that I need prepared statements because I make more than one call to my database during one script.

我想获得有关以下句子的具体示例

看看类型转换、验证和清理变量以及将 PDO 与准备好的语句一起使用.

Look at typecasting, validating and sanitizing variables and using PDO with prepared statements.

我知道他所说的验证和清理变量是什么意思.但是，我对准备好的语句并不完全确定.我们如何准备报表?通过过滤器，也就是通过消毒?还是通过某些 PDO 层?层的定义是什么?

I know what he mean by validating and sanitizing variables. However, I am not completely sure about prepared statements. How do we prepare statements? By filters, that is by sanitizing? Or by some PDO layer? What is the definition of the layer?

准备好的语句在语句中是什么意思?请举出具体的例子.

推荐答案

准备好的语句是什么意思声明?

What do prepared statements mean in the statement?

来自文档:

此功能允许将重复使用的命令仅解析和计划一次，而不是每次执行时.

This feature allows commands that will be used repeatedly to be parsed and planned just once, rather than each time they are executed.

参见 pg_prepare

来自上面链接页面的示例:

Example from the page linked above:

<?php
// Connect to a database named "mary"
$dbconn = pg_connect("dbname=mary");

// Prepare a query for execution
$result = pg_prepare($dbconn, "my_query", 'SELECT * FROM shops WHERE name = $1');

// Execute the prepared query.  Note that it is not necessary to escape
// the string "Joe's Widgets" in any way
$result = pg_execute($dbconn, "my_query", array("Joe's Widgets"));

// Execute the same prepared query, this time with a different parameter
$result = pg_execute($dbconn, "my_query", array("Clothes Clothes Clothes"));
?>

用于准备语句的 MySQL 文档 很好地回答了以下问题:

The MySQL documentation for Prepared Statements nicely answers the following questions:

• 为什么要使用准备好的语句?
• 什么时候应该使用准备好的声明?

这篇关于如何在 Postgres 中使用准备好的语句的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！