准备好的语句 PHP OOP

Question

使用 PHP OOP 和 mysqli 在产品添加页面上工作，此时我正在处理准备好的语句实现，但找不到有关如何将它们添加到此类代码中的信息。

任何指导方针都将受到重视。

代码：

数据库连接class：

<?php
class DbConfig {    
    private $_host = 'localhost';
    private $_username = 'root';
    private $_password = 'falcons17';
    private $_database = 'scandiweb';

    protected $connection;

    public function __construct()
    {
      if (!isset($this->connection)) {
        $this->connection = new mysqli($this->_host, $this->_username, $this->_password, $this->_database);
        if (!$this->connection) {
          echo 'Cannot connect to database server';
          exit;
        }           
      } 

      return $this->connection;
    }
}
?>

执行函数：

public function execute($query) {
  $result = $this->connection->query($query);
  if ($result == false) {
    echo mysqli_error($this->connection); /*'Error: cannot execute the command'*/
    return false;
  } else {
    return true;
  }
}

验证和添加程序：

 <?php
//including the database connection file
include_once("classes/Crud.php");
include_once("classes/Validation.php");

$crud = new Crud();
$validation = new Validation();    
if(isset($_POST['Submit'])) {   
    $sku = $crud->prepare_string($_POST['sku']);
    $name = $crud->prepare_string($_POST['name']);
    $price = $crud->prepare_string($_POST['price']);
    $products = $crud->prepare_string($_POST['products']);
    $weight = $crud->prepare_string($_POST['weight']);
    $capacity = $crud->prepare_string($_POST['capacity']);
    $height = $crud->prepare_string($_POST['height']);
    $width = $crud->prepare_string($_POST['width']);
    $length = $crud->prepare_string($_POST['length']);

    $check_int = $validation->is_int($_POST, array('price','weight','capacity','height','width','length'));    
    if ($check_int != null){
      echo $check_int;
    }else {
      $result = $crud->execute("INSERT INTO products(sku,name,price,product_type,weight,capacity,height,width,length) VALUES('$sku','$name','$price','$products','$weight','$capacity','$height','$width','$length')");

      //display success message
      echo "<font color='green'>Data added successfully.";
      echo "<br/><a href='index.php'>View Result</a>";
    }
  }
?>

Answer 1

这是我经常使用的class。它从单独的 .ini 文件获取登录信息。随时根据您的需要进行更改。请记住，它将关联数组设置为标准。

class CC_DBV {

private static $mysqlhost; 
private static $mysqluser; 
private static $mysqlpwd; 
public static $mysqldb;
private static $db;
private static $mysqlport;


function __construct() {


    // ini File einlesen
    $globSettings = parse_ini_file(_ROOTV_.'cfg/main.ini',true);

    // Datenbankverbindung
    self::$mysqlhost = $globSettings ['db_settings']['host'];                   // MySQL-Host aus Config Datei
    self::$mysqluser = $globSettings ['db_settings']['db_user'];        // MySQL-User aus Config Datei
    self::$mysqlpwd = $globSettings ['db_settings']['db_pswd'];         // Passwort aus Config Datei
    self::$mysqldb = $globSettings ['db_settings']['db'];                       // Datenbank aus Config Datei
    self::$mysqlport = $globSettings ['db_settings']['port'];                   // Datenbank aus Config Datei

}

public function getInstance( ) { 
        if(!self::$db) { 

            try{

                self::$db = new \PDO( 
                        'mysql:host='.self::$mysqlhost.';dbname='.self::$mysqldb.';port='.self::$mysqlport, 
                        self::$mysqluser, 
                        self::$mysqlpwd, 
                        array( 
                                \PDO::ATTR_PERSISTENT => true, 
                                \PDO::ATTR_ERRMODE => \PDO::ERRMODE_EXCEPTION ,
                                \PDO::ATTR_DEFAULT_FETCH_MODE => \PDO::FETCH_ASSOC,
                                \PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES 'utf8'"
                        ) 
                ); 
                //self::$db->exec("SET NAMES utf8"); 

                return self::$db; 

            }catch (\PDOException $e){
                echo 'Connection failed: ' . $e->getMessage();
            }

        }else{
            return self::$db;
        }

}

}

要使用它，您需要执行以下操作：

$conn = new CC_DBV(); // you can use this connection multiple times, it's persistant.
$inst = $conn->getInstance(); // create or get the instance of the opened connection
$stmnt = $inst->prepare("SELECT * FROM tablename WHERE xyz = :VAR1"); // prepare statement with placeholder(s)
$v = array(':VAR1' => 'aValue'); // set up an array with corresponding values
$r1 = $stmnt->execute($v); // execute statement with values
if(!$r1){ echo "PANICMODE";}else{ var_dump($stmnt->fetchAll()));

准备好的语句 PHP OOP

Prepared statement PHP OOP

php

oop

mysqli

prepared-statement