dougan1465 2014-04-09 16:14
浏览 77
已采纳

PHP PDO有选择地使用bindParam

$pdo = $db_con->prepare("INSERT INTO agents (Agent_ID,Agent_Name,Agent_Branch) VALUES (?,?,?)");
$pdo->bindParam(1, $id);
$pdo->bindParam(2, $name);
$pdo->bindParam(3, $branch);
$pdo->execute();

So in this example I only need to really use bindParam on $branch because $name and $id have passed through a strict REGEX using preg_replace.

Is there a way to include these sanitised variables in the statement or any other way to shorten this code?

  • 写回答

1条回答 默认 最新

  • douhuiqi3855 2014-04-09 16:25
    关注

    The short way would be:

    $pdo = $db_con->prepare("INSERT INTO agents (Agent_ID,Agent_Name,Agent_Branch) VALUES (?,?,?)");
$pdo->execute(array($id,$name,$branch));

    if you ever wanted to bind parameters, replace the question marks with placeholders:

    $pdo = $db_con->prepare("INSERT INTO agents (Agent_ID,Agent_Name,Agent_Branch) VALUES (:id,:name,:branch)");
$pdo->bindParam(':id', $id);
$pdo->bindParam(':name', $name);
$pdo->bindParam(':branch', $branch);
$pdo->execute();
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

    报告相同问题?

    悬赏问题

    • ¥15 Erasure Code纠删码表
    • ¥15 用vite创建的vue3项目,404重定向不起作用??
    • ¥15 关于#c语言#的问题:一个球从80米高度自由落下,每次落地后反弹的高度为原高度的一半计算6次小球反弹的高度.(反弹结果取整,使用走走for循环结构)
    • ¥15 SurfaceControl的screenshot问题
    • ¥15 基于51单片机的oled菜单代码,要C语言,模块化编程!
    • ¥15 JAVAswing,设计一个扑克牌什么的
    • ¥50 python ctypes调用dll实现分析
    • ¥40 用python解决数据统计问题
    • ¥100 是否有方案能通过抓包分析得到移动应用的名称和包名信息?
    • ¥15 opencv检测不到轮廓