解析MySQLi查询语句以获取PDO迁移的参数

This question is about parsing in PHP, not how to migrate MySQLi to PDO.

I want to migrate some old code from MySQLi to PDO. The site has over 400 string query statements. I want to revise the code to use prepared statements.

I.e., convert

$query = 'SELECT * from table where x='.$x.' and y > '.$y.' or (z<= 35 and auth like "%ed")'
$result = $conn->query($query);

$query = 'SELECT * from table where x = ? and y > ? or (z <= ? and auth like ?)';
$stmt = $conn->prepare($query);
$stmt->bind_param($x, $y, $35, '%ed');
$stmt->execute();

I started out by parsing the $query string to find 'where', then looking for 'and' to separate parameter/value pairs, etc.

Edit: This is basic code to read lines in a file (in this case, a .php file):

$fn = fopen("myfile.php","r+");
while(!feof($fn))  {
    $line = fgets($fn);
    if (strpos($line, 'select'){
       // add parse code here
    };
}

when finding a line with a query statement, the line will be a literal string something like this:

($line = ) $query = 'select * from menu where authlvl>0 and authlvl<=' . $authlvl . ' order by title';

Then, the code to parse may look something like this:

$where = substr($line, strpos($line, 'where') + 5);
$pair = array();
$j = 0;
$st = 0;
if (strpos(substr($where, $st), 'and', $st)) > 0){
    while (($and = strpos(substr($where, $st), 'and', $st)) > 0){
        $pair[$j] = trim(substr($where, $st, $and - 1));
        $pair[$j+1] = trim(substr($where, $and + 4));
        $st = $and;
        $j++;
    }
}
$ops = array(' ', '<', '>', '=');
(find operators to identify parameters and values for each pair...)

This intuitively is not efficient. Is there a better way to parse the $query string to find the parameters than this? Note that there may be 'order by', etc. in the string that should just append after finding the parameters.

写回答
好问题 0 提建议
追加酬金
关注问题
分享
邀请回答
编辑收藏删除结题
收藏举报

1条回答默认最新

关注

码龄粉丝数原力等级 --

被采纳

被点赞

采纳率
douba3975 2019-06-28 17:38
关注
I ended up solving this parsing problem using regex. I am sure that there are much more efficient regex patterns that can be used for matching but this served its purpose.

Reading a line in a PHP file using fgets() yields a string (including the variable name and all syntax), for example:

$query = 'select * from menu where authlvl>0 and authlvl<=' . $authlvl . ' order by title';

The first step is to confirm that the line of code includes a SELECT statement with a WHERE clause and is not a commented statement. The WHERE clause is taken out and split by and/or to get conditional pairs of parameter/value.

Then the parameter/value pairs can be split to allow rewriting the statement according to PDO.

if (preg_match('/(=\s*\'select|=\s*"select)/', $line) && preg_match('/(where)/i', $qry) && !preg_match('/^(\s*\/\/)/', $line)) { $z = preg_match('/(?<=where).+/i', $qry, $matches); $where = trim($matches[0]); $pairs = preg_split('/( and | or )/', $where); $andor = preg_match_all('/(\s*and\s*|\s*or\s*)+/', $where, $ao);

The conditional pairs are split by finding comparison operators in each pair.

preg_match('/.+?(?:[\=<>]+)/', $pair, $par) preg_match('/[^(' . preg_quote($par[0]) . ')].*/', $pair, $val)

The values can then be replaced by question marks and the query statement rewritten. The values can also be placed in an array for PDO.

$query = 'select * from menu where authlvl > ? and authlvl <= ? order by title'; $values = array('0', $authlvl); $stmt = $this->pdosc->prepare($query); $stmt->execute($values); $result = $stmt->fetchAll(PDO::FETCH_ASSOC);

I was able to use regex to capture nearly any variation of SELECT statements that I have and quickly update (migrate) my files from MySQLi to PDO. Of course, I have a wrapper function that takes either a simple string for the query statement (MySQLi) or a 2 part array with the query and values (PDO).
本回答被题主选为最佳回答 , 对您是否有帮助呢?

解决无用
评论打赏
分享
举报

评论

按下Enter换行，Ctrl+Enter发表内容

报告相同问题？

关注问题

解析MySQLi查询语句以获取PDO迁移的参数 php
2019-06-22 14:42

回答 1 已采纳 I ended up solving this parsing problem using regex. I am sure that there are much more efficient
我怎么能用PDO做mysqli查询？ php
2019-03-07 08:23

回答 1 已采纳 As you have no insecure data in your query, there's no need to use prepare, use simple query funct
PHP-试图将Mysqli转换为PDO php
2016-12-22 15:39

回答 4 已采纳 That's a horrifically awful way to select data from a database. It's far more complex than is nece
php_mysqli 与 pdo 性能对比,php中使用mysql、mysqli、pdo连接数据库的用法和比较
2021-03-16 23:01

葬爱乡村蔡宝健的博客 PHP与mySQL的连接有三种API接口，分别是：PHP的MySQL扩展、PHP的mysqli扩展、PHP数据对象(PDO) ，下面针对以上三种连接方式做下总结，以备在不同场景下选出最优方案。一、特性及对比PHP的MySQL扩展是设计开发允许...
2006年从mysqli迁移到PDO的错误代码映射 php
2016-10-17 07:59

回答 1 已采纳 You can use the array of PDO::errorInfo. There you get an array like the following: Array ( [
多个SELECT查询中的PDO / mysqli内存泄漏 mysql php
2018-09-15 20:14

回答 2 已采纳 I disabled xDebug and the problem is solved! Tnanks to this answer: https://stackoverflow.com/a/4
PHP Mysqli查询更新无法使用变量 php
2016-08-06 00:28

回答 1 已采纳 It seems like you're trying to set the value in a column called "january" to zero for all rows. Is
php_mysqli 与 pdo 性能对比,php中使用mysql、mysqli、pdo的比较
2021-03-16 23:01

weixin_39902345的博客 pdo则是最新的数据库抽象方法，pdo高度抽象了数据库操作，项目使用pdo方法可以方便的进行迁移，在不同的数据库之间进行迁移。在高负载的情况下.PDO开启长连接能够得到一个相对稳定的负载“值”。但是效率却不是最高...
如何将此代码从mysqli更改为PDO php
2019-04-14 10:20

回答 1 已采纳 This is how you would do it: // Execute query and fetch a single cell from the result $total_reco
用PHP将MySQLi转换为PDO？ mysql php
2015-03-04 19:31

回答 1 已采纳 Assuming $stmt is your connection parameter...then $query = $stmt->prepare("SELECT * FROM tabl
将PHP示例代码从mysqli转换为PDO html5 mysql php
2017-08-30 15:47

回答 1 已采纳 This is how you would do this query in PDO database connection: $host = 'localhost'; $db = '';
PHP使用PDO连接不同的 SQL 数据库
2022-04-12 14:24

allway2的博客 PDO（PHP 数据对象）定义了一个轻量级、一致的接口，用于在 PHP 中访问许多不同的 SQL ...例如，您已经使用 MySQLi 编写了一个应用程序，现在您想要迁移您的应用程序以使用 PostgreSQL。MySQLi 和 PostgreSQL 使用不同.
PHP mysqli准备语句自己的类 php
2017-12-24 12:10

回答 1 已采纳 You can't use $stmt->bind_param() that way. You would need to do argument unpacking because bin
php中使用mysql、mysqli、pdo的比较
2019-10-03 23:08

dasongbo7290的博客普通的mysql方法在安全性方面应该不是很好，每次需要考虑sql注入...pdo则是最新的数据库抽象方法，pdo高度抽象了数据库操作，项目使用pdo方法可以方便的进行迁移，在不同的数据库之间进行迁移。在高负载的情况下....
pdo_mysql扩展_从MySQL扩展迁移到PDO
2020-08-26 20:13

culh2177的博客 pdo_mysql扩展This guide is a practical overview to help you begin migrating your existing PHP code from using the older MySQL extension to the newer PDO database abstraction extension. I won’t go ...
php_mysql、php_mysqli 与 pdo_mysql 的区别与选择
2015-11-13 20:54

果子妈妈的博客使用pdo、自动化SQL（db-sql-maker-php）、查询用PDO::query()、格式化用PDOStatement::fetchAll()。 php代码的可移植性——从mysql迁移到其他数据库（比如pgsql）时，php代码不用修改：使用自动化SQL ...
pdo和mysql connect_PHP的PDO与普通的mysql_connect
2021-03-16 23:23

yyyshdy的博客 PDO比mysql_ *慢一点，但它具有很好的可移植性。 PDO提供跨多个数据库的单一界面。这意味着你可以使用多个数据库，而不使用mysql的mysql_query，MS sql的mssql_query等。总是使用类似于$ db-> query(“INSERT ...
从 MySQL 扩展迁移到 PDO
2022-09-15 13:59

allway2的博客 PDO 和特定于 SQLite 的驱动程序应该是从 5.1.0 版开始的默认 PHP 安装的一部分，并且仍然需要安装特定于 MySQL 的驱动程序，但是大多数 Linux 发行版通常对如何编译和打包 PHP 有不同的想法。DSN 是“数据源名称”...
mysql pdo 的好处_mysqli或PDO-优缺点是什么？ [关闭]
2021-03-03 18:55

weixin_39920403的博客按照目前的情况，这个问题不适合我们的问答形式。我们希望答案会得到事实，参考或专业知识的支持，但是这个问题可能会引起辩论，争论，民意调查...在我们的位置上，我们在使用mysqli和PDO进行诸如准备好的语句和事...
没有解决我的问题, 去提问

悬赏问题

¥20 蓝牙耳机怎么查看日志
¥15 Fluent齿轮搅油
¥15 八爪鱼爬数据为什么自己停了
¥15 交替优化波束形成和ris反射角使保密速率最大化
¥15 树莓派与pix飞控通信
¥15 自动转发微信群信息到另外一个微信群
¥15 outlook无法配置成功
¥30 这是哪个作者做的宝宝起名网站
¥60 版本过低apk如何修改可以兼容新的安卓系统
¥25 由IPR导致的DRIVER_POWER_STATE_FAILURE蓝屏

解析MySQLi查询语句以获取PDO迁移的参数

1条回答 默认 最新

悬赏问题

1条回答默认最新