<?php //PDO:数据访问抽象层 //带有事务功能; //dsn:数据源 $dsn="mysql:host=localhost;dbname=aaas"; //造pdo对象 $pdo=new PDO($dsn,"root","");//数据源,用户名,密码 //启动事务 $pdo->beginTransaction(); //写SQL语句 $sql="select * form Info"; //执行SQL语句 $a=$pdo->query($sql); //回滚事务 //$pdo->RollBack(); foreach($a as $v) { var_dump($v); } ?> <?php
特点二:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>下午</title> </head> <body> <?php //可以防止SQL注入攻击 $dsn="mysql:host=localhost;dbname=aaas"; $pdo=new PDO($dsn,"root",""); $sql="select * from Nation"; //将一条SQL语句放在服务器上准备运行 $stm=$pdo->prepare($sql); //执行预处理语句,执行成功返回true,失败返回false if($stm->execute()) { var_dump($stm->fetch()); } ?> <?php //可以防止SQL注入攻击 $dsn="mysql:host=localhost;dbname=aaas"; $pdo=new PDO($dsn,"root",""); $sql="insert into Nation values(?,?)"; //将一条SQL语句放在服务器上准备运行 $stm=$pdo->prepare($sql); //绑定参数,数据较少的数据库,太复杂 不推荐 $stm->bindParam(1,$code); $stm->bindParam(2,$name); //给变量赋值 $code="n030"; $name="壮族"; //执行预处理语句,执行成功返回true,失败返回false if($stm->execute()); { var_dump($stm->fetch()); } ?> <?php //可以防止SQL注入攻击 $dsn="mysql:host=localhost;dbname=aaas"; $pdo=new PDO($dsn,"root",""); $sql="insert into Nation values(?,?)"; //将一条SQL语句放在服务器上准备运行 $stm=$pdo->prepare($sql); $attr=array("n005","苗族"); //执行预处理语句,执行成功返回true,失败返回false if($stm->execute($attr)); { } ?> <?php //可以防止SQL注入攻击 $dsn="mysql:host=localhost;dbname=aaas"; $pdo=new PDO($dsn,"root",""); $sql="insert into Nation values(:code,:name)"; //将一条SQL语句放在服务器上准备运行 $stm=$pdo->prepare($sql); $attr=array("code"=>"n007","name"=>"水族"); //执行预处理语句,执行成功返回true,失败返回false if($stm->execute($attr)); { } ?> </body> </html>