标签:
使用预处理语句——prepare()方法
1、使用命名参数
$pdo = new PDO($dsn,$user,$pwd); $sql = ‘insert into table1 set name=:name,age=:age‘; $result = $pdo->prepare($sql); //执行准备sql $result->excute(array(‘:name‘=>‘zhangsan‘,‘:age‘=>‘2‘));
2、使用问号参数
$pdo = new PDO($dsn,$user,$pwd); $sql = "insert into table1 set name=?,age=?"; $result = $pdo->prepare($sql); //执行准备sql $name = ‘zhangsan‘;$age = ‘2‘; $result->excute(array($name,$age));
3、通过bindParam()方法
$pdo = new PDO($dsn,$user,$pwd); $sql = ‘insert into table1 set name=:name,age=:age‘; $result = $pdo->prepare($sql); //绑定参数 $name = ‘zhangsan‘;$age = ‘2‘; $result->bindParam(‘:name‘=>$name); $result->bindParam(‘:age‘=>$age); //执行准备sql $result->excute();
标签:
原文地址:http://www.cnblogs.com/hadeswp/p/5426566.html
