PDO->query() 和 PDO->exec() 之间的区别

时间:2023-04-08
本文介绍了PDO->query() 和 PDO->exec() 之间的区别的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着跟版网的小编来一起学习吧!

问题描述

让对 PDO 的引用等于 PDO 对象而不是 PDO 本身--

我看到 这里 有 PDO->query()PDO->exec().在链接的页面中,PDO->query(); 似乎仅用于 SELECT 语句,而 PDO->exec() 用于 UPDATE,INSERT,DELETE 语句.现在,我是 PDO 的新手,所以我不确定在使用它方面发生了什么相当,所以我希望解释为什么要使用不同的方法,以及为什么有不同的方法.

I see here that there is both PDO->query() and PDO->exec(). In the page that was linked, it appears that PDO->query(); is used for SELECT statements ONLY, and PDO->exec() is used for UPDATE,INSERT,DELETE statements. Now, I am brand new to PDO, so I'm not sure what is going on in terms of using it quite yet, so I would appreciate an explanation on why to use the different methods, and why there are different methods.

推荐答案

尽管有任何理论上的差异,但无论如何都不应该使用这些函数 - 所以,没有什么可担心的.

Despite of whatever theoretical difference, none of these functions should be used anyway - so, there is nothing to concern of.

使用 PDO 的唯一原因是支持准备好的语句,但这些函数都没有提供它.因此,不应使用它们.

The only reason of using PDO is support for prepared statements, but none of these functions offers it. So, they shouldn't be used.

改用prepare()/execute()尤其用于UPDATE、INSERT、DELETE语句.

Use prepare()/execute() instead, especially for UPDATE,INSERT,DELETE statements.

请注意,虽然准备好的声明被广泛宣传为一种安全措施,但它只是为了引起人们的注意.但他们真正的目的是正确的查询格式.这也为您提供了安全性 - 因为格式正确的查询也不能被注入 - 就像副作用一样.但同样 - 格式化是一个主要目标,因为如果格式不正确,即使是无害的数据也可能导致查询错误.

Please note that although prepared statements are widely advertised as a security measure, it is only to attract people's attention. But their real purpose is proper query formatting. Which gives you security too - as properly formatted query cannot be injected as well - just as side effect. But again - formatting is a primary goal, just because even innocent data may cause a query error if not formatted properly.

请注意,execute() 仅返回 TRUEFALSE 以指示操作成功.对于其他信息,例如受 UPDATE 影响的记录数,提供了诸如 rowCount() 之类的方法.请参阅文档.

Please note that execute() returns only TRUE or FALSE to indicate success of the operation. For other information, such as the number of records affected by an UPDATE, methods such as rowCount() are provided. See the docs.

这篇关于PDO->query() 和 PDO->exec() 之间的区别的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持跟版网!

上一篇:PDO 无缓冲查询 下一篇:如何在 PDO 准备语句中使用 LIKE 子句?

相关文章