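PDO is short for PHP Data Objects.
The PDO extension itself cannot perform any database operations; you must use a database-specific PDO driver to access a database server.
PDO does not provide database abstraction: it does not rewrite SQL or supply features that the database itself lacks. If you need that, use a more full-featured abstraction layer.
PDO requires the core object-oriented features of PHP 5, so it cannot run on earlier PHP versions.
PDO offers many capabilities that the mysql extension does not have:
1. PDO is a genuinely unified database interface implemented at a low level. Whatever database is used on the back end, once the code is properly encapsulated the application layer makes essentially the same calls, and when the back-end database is replaced the application code needs almost no changes.
2. PDO supports more advanced database features, such as calling stored procedures, which the native mysql library does not support.
3. PDO is an official PHP PECL library, so its compatibility and stability are bound to be better than those of the mysql extension, and it can be upgraded directly with the pecl upgrade pdo command.
4. PDO can prevent SQL injection, making the database more secure.
PDO has prepared statements, and using them will help protect you from SQL injection attacks.
A prepared statement is a precompiled SQL statement that can be executed many times, with only the data sent to the server each time. An additional advantage is that data passed through placeholders is handled safely, which prevents SQL injection attacks.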
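The difference between a bound value and a concatenated one, shown as an added example that is not part of the original article. It assumes the pdo_sqlite driver and a constructed demo_user table in an in-memory database so that it runs without a server; the function names are hypothetical. It goes one step beyond the text: placeholders carry only values, so a column name has to be checked against an allowlist.

```php
<?php
// Added example: constructed table and rows in an in-memory SQLite database.
$dbh = new PDO('sqlite::memory:');
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// The MySQL driver emulates prepares by default; to have the server prepare
// the statement, set: $dbh->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
$dbh->exec('CREATE TABLE demo_user (user_id INTEGER PRIMARY KEY, email TEXT, token TEXT)');
$ins = $dbh->prepare('INSERT INTO demo_user (email, token) VALUES (?, ?)');
foreach ([['a@example.com', 'tok-a'], ['b@example.com', 'tok-b']] as $row) {
    $ins->execute($row);
}

// Vulnerable form: the value becomes part of the SQL text, so a quote in
// $email changes the structure of the WHERE clause.
function find_by_email_concat(PDO $dbh, string $email): array {
    $sql = "SELECT user_id, email FROM demo_user WHERE email = '$email'";
    return $dbh->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened form: the SQL text is fixed and the value travels as a parameter.
function find_by_email_bound(PDO $dbh, string $email): array {
    $sth = $dbh->prepare('SELECT user_id, email FROM demo_user WHERE email = :email');
    $sth->bindValue(':email', $email, PDO::PARAM_STR);
    $sth->execute();
    return $sth->fetchAll(PDO::FETCH_ASSOC);
}

// Identifiers cannot be bound: accept a sort column only from a fixed list.
function list_users_sorted(PDO $dbh, string $column): array {
    if (!in_array($column, ['user_id', 'email'], true)) {
        throw new InvalidArgumentException('unsupported sort column');
    }
    return $dbh->query("SELECT user_id, email FROM demo_user ORDER BY $column")
               ->fetchAll(PDO::FETCH_ASSOC);
}

$input = "x' OR '1'='1"; // constructed hostile input
printf("concatenated: %d row(s)\n", count(find_by_email_concat($dbh, $input)));
printf("bound:        %d row(s)\n", count(find_by_email_bound($dbh, $input)));
printf("sorted:       %d row(s)\n", count(list_users_sorted($dbh, 'email')));
try {
    list_users_sorted($dbh, 'email; DROP TABLE demo_user');
} catch (InvalidArgumentException $e) {
    print 'rejected: ' . $e->getMessage() . "\n";
}
```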
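Installation, configuration and testing
When testing PDO on Windows, extension_dir in php.ini must be set to the directory that contains the pdo*.dll files; otherwise PDO programs will not run.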
; directory in which the loadable extensions (modules) reside.
extension_dir = e:\www\php5\ext
<?php
$host = 'localhost';
$user = 'root';
$password = 'develop';
$dbname = '99game';
$dbh = new PDO("mysql:host=$host;dbname=$dbname", $user, $password);

//=======================================================
// Example 1. execute a prepared statement with named placeholders
/* execute a prepared statement by binding php variables */
$user_id = 1;
$email = 'caihf_73940@qq.com';
$sth = $dbh->prepare('select user_id,email,token from 99game_user where user_id = :user_id and email = :email');
$sth->bindParam(':user_id', $user_id, PDO::PARAM_INT);
$sth->bindParam(':email', $email, PDO::PARAM_STR, 30);
$sth->execute();
$result = $sth->fetch(PDO::FETCH_ASSOC);
print_r($result);
print("<br />\n");

// Example 2. execute a prepared statement with question mark placeholders
/* execute a prepared statement by binding php variables */
$user_id = 2;
$email = 'caihuafeng1@gmail.com';
$sth = $dbh->prepare('select user_id,email,token from 99game_user where user_id = ? and email = ?');
$sth->bindParam(1, $user_id, PDO::PARAM_INT);
$sth->bindParam(2, $email, PDO::PARAM_STR, 30);
$sth->execute();
$result = $sth->fetch(PDO::FETCH_ASSOC);
print_r($result);
print("<br />\n");
print "<hr />\n";
//=======================================================

//=======================================================
$sth = $dbh->prepare("select user_id,email,token from 99game_user limit 10");
$sth->execute();

/* Using the PDOStatement::fetch styles */
print("pdo::fetch_assoc: ");
print("return next row as an array indexed by column name<br />\n");
$result = $sth->fetch(PDO::FETCH_ASSOC);
print_r($result);
print("<br />\n");
print("\n");

print("pdo::fetch_both: ");
print("return next row as an array indexed by both column name and number<br />\n");
$result = $sth->fetch(PDO::FETCH_BOTH);
print_r($result);
print("<br />\n");
print("\n");

print("pdo::fetch_lazy: ");
print("return next row as an anonymous object with column names as properties<br />\n");
$result = $sth->fetch(PDO::FETCH_LAZY);
print_r($result);
print("<br />\n");
print("\n");

print("pdo::fetch_obj: ");
print("return next row as an anonymous object with column names as properties<br />\n");
$result = $sth->fetch(PDO::FETCH_OBJ);
print_r($result);
print 'user_id:' . $result->user_id;
print("<br />\n");
print("\n");
print "<hr />\n";
//=======================================================

//=======================================================
function readdataforwards($dbh) {
    $sql = 'select user_id,email,token from 99game_user limit 10';
    try {
        // Driver options are passed as an attribute => value array
        $stmt = $dbh->prepare($sql, array(PDO::ATTR_CURSOR => PDO::CURSOR_SCROLL));
        $stmt->execute();
        while ($row = $stmt->fetch(PDO::FETCH_NUM, PDO::FETCH_ORI_NEXT)) {
            $data = $row[0] . "\t" . $row[1] . "\t" . $row[2] . "<br />\n";
            print $data;
        }
        $stmt = null;
    } catch (PDOException $e) {
        print $e->getMessage();
    }
}

function readdatabackwards($dbh) {
    $sql = 'select user_id,email,token from 99game_user limit 10';
    try {
        $stmt = $dbh->prepare($sql, array(PDO::ATTR_CURSOR => PDO::CURSOR_SCROLL));
        $stmt->execute();
        $row = $stmt->fetch(PDO::FETCH_NUM, PDO::FETCH_ORI_LAST);
        do {
            $data = $row[0] . "\t" . $row[1] . "\t" . $row[2] . "<br />\n";
            print $data;
        } while ($row = $stmt->fetch(PDO::FETCH_NUM, PDO::FETCH_ORI_PRIOR));
        $stmt = null;
    } catch (PDOException $e) {
        print $e->getMessage();
    }
}

print "reading forwards:<br />\n";
readdataforwards($dbh);
print "<hr />\n";
print "reading backwards:<br />\n";
// The data below is not output in reverse order as expected; I don't know why yet. The example in the official php.net manual is written the same way.
readdatabackwards($dbh);
//=======================================================
?>
The test program above produces the following output:
array(
[user_id] => 1
[email] => caihf_73940@qq.com
[token] => 123token456_73940
)
array(
[user_id] => 2
[email] => caihuafeng1@gmail.com
[token] => 33fadfasdfadsf
)
pdo::fetch_assoc: return next row as an array indexed by column name
array(
[user_id] => 1
[email] => caihf_73940@qq.com
[token] => 123token456_73940
)
pdo::fetch_both: return next row as an array indexed by both column name and number
array(
[user_id] => 2
[0] => 2
[email] => caihuafeng1@gmail.com
[1] => caihuafeng1@gmail.com
[token] => 33fadfasdfadsf
[2] => 33fadfasdfadsf
)
pdo::fetch_lazy: return next row as an anonymous object with column names as properties
pdorow object(
[querystring] => select user_id,email,token from 99game_user limit 10
[user_id] => 3
[email] => caihf_61039@qq.com
[token] => 123token456_61039
)
pdo::fetch_obj: return next row as an anonymous object with column names as properties
stdclass object(
[user_id] => 6
[email] => aa1@aa.com
[token] => cu8ady73epcmf54o7w0q1f0f8r3b2y4d
)
user_id:6