Summary of PHP differences in PDO database operations between 5.1.* and 5.2.*
- 2020-05-16 06:30:21
- OfStack
introduce
Today, differences were found between php 5.1.* and php 5.2.* during the execution of the database precompiled code.
Advantages of precompilation
1. Use placeholders to avoid entering data verbatim into SQL. Automatically handles character escapes such as quotation marks and backslashes - for added security.
2. "prepare" one statement in advance, and bind different values for reuse each time it is executed. -- used for statements that are executed more than once in the future.
3. Readable.
code
The database connection code is the same.
Here are some tests. Notice the SQL and for or foreach statements!
Test 1(bind with key values)
Conclusion: PHP 5.1.* PHP 5.2.* Perform normal Perform normal $params['name'] =' rentao' and $params[':name']='rentao' both work, meaning they are not restricted by ': '. Test 2(numeric subscript to bind, but the binding starting parameter is 1) -- ":key" cannot be bound with numeric subscript on php5.2.*
Conclusion:
php 5.1.* PHP 5.2.* Perform normal Error: "PHP Warning: PDOStatement::execute(): SQLSTATE[HY093]: Invalid parameter number: parameter was not defined" What if I change "name" to "?" , then both versions can proceed smoothly. You cannot use both symbols at the same time. For example, select * from t2 where name=? limit :page test 3(limit binding :page)
Conclusion:
PHP 5.1.* PHP 5.2.* To $stmt - execution > When execute(), process 1 is in the wait state Performed normally: did not print out test 4(precompiled under limit :page) -- using "?" Mechanism to run
PHP 5.1.* PHP 5.2.* Perform normal Perform normally: print no results test 5-- order by)
PHP 5.1.* PHP 5.2.* Printed the results, but not sorted by order by Execute normally: cannot print result summary
When using PDO for database precompilation, PHP should avoid using limit, order by, group by for database precompilation. We try to use the unified 1 standard for binding variables, otherwise we all use "? ". , or use: key.
Useful command, I tested at php5.1.*, finished testing, I transferred the file to php5.2.* server via scp
Today, differences were found between php 5.1.* and php 5.2.* during the execution of the database precompiled code.
Advantages of precompilation
1. Use placeholders to avoid entering data verbatim into SQL. Automatically handles character escapes such as quotation marks and backslashes - for added security.
2. "prepare" one statement in advance, and bind different values for reuse each time it is executed. -- used for statements that are executed more than once in the future.
3. Readable.
code
The database connection code is the same.
$protol = 'mysql:host=localhost;dbname=test';
$username = 'monty';
$passwd = '0818';
$dbh = new PDO($protol, $username, $passwd);
Here are some tests. Notice the SQL and for or foreach statements!
Test 1(bind with key values)
$stmt = $dbh->prepare('select * from t1 where name=:name');
$params = array();
$params['name'] = 'rentao';
foreach($params as $k=>$v){
$stmt->bindParam($k, $v);
}
$stmt->execute();
$item = array();
while($row = $stmt->fetch(PDO::FETCH_ASSOC)){
var_dump($row);
}
$stmt = null;
$dbh = null;
Conclusion: PHP 5.1.* PHP 5.2.* Perform normal Perform normal $params['name'] =' rentao' and $params[':name']='rentao' both work, meaning they are not restricted by ': '. Test 2(numeric subscript to bind, but the binding starting parameter is 1) -- ":key" cannot be bound with numeric subscript on php5.2.*
$stmt = $dbh->prepare('select * from t1 where name=:name limit 2');
$params = array();
$params[] = 'rentao';// Let's add it here or not ":" Can be executed successfully
for($i=0,$iLen = count($params); $i < $iLen; $i++){
$k = $i+1;
$stmt->bindParam($k, $params[$i]);
}
echo "HERE1\n";
$stmt->execute();
echo "HERE2\n";
$item = array();
while($row = $stmt->fetch(PDO::FETCH_ASSOC)){
var_dump($row);
}
$stmt = null;
$dbh = null;
Conclusion:
php 5.1.* PHP 5.2.* Perform normal Error: "PHP Warning: PDOStatement::execute(): SQLSTATE[HY093]: Invalid parameter number: parameter was not defined" What if I change "name" to "?" , then both versions can proceed smoothly. You cannot use both symbols at the same time. For example, select * from t2 where name=? limit :page test 3(limit binding :page)
$stmt = $dbh->prepare('select * from t2 where name=:name limit :page');
$params = array();
$params['name'] = 'rentao';// Let's add it here or not ":" Can be executed successfully
$params['page'] = 2;
foreach($params as $k=>$v){
$stmt->bindParam($k, $v);
}
$stmt->execute();
echo "HERE1\n";
$item = array();
while($row = $stmt->fetch(PDO::FETCH_ASSOC)){
var_dump($row);
}
echo "HERE2\n";
$stmt = null;
$dbh = null;
Conclusion:
PHP 5.1.* PHP 5.2.* To $stmt - execution > When execute(), process 1 is in the wait state Performed normally: did not print out test 4(precompiled under limit :page) -- using "?" Mechanism to run
$stmt = $dbh->prepare('select * from t2 where name=? limit ?');
$params = array();
$params[] = 'rentao';
$params[] = 2;
for($i=0,$iLen = count($params); $i < $iLen; $i++){
$k = $i+1;
$stmt->bindParam($k, $params[$i]);
}
$stmt->execute();
$item = array();
while($row = $stmt->fetch(PDO::FETCH_ASSOC)){
var_dump($row);
}
$stmt = null;
$dbh = null;
PHP 5.1.* PHP 5.2.* Perform normal Perform normally: print no results test 5-- order by)
PHP 5.1.* PHP 5.2.* Printed the results, but not sorted by order by Execute normally: cannot print result summary
When using PDO for database precompilation, PHP should avoid using limit, order by, group by for database precompilation. We try to use the unified 1 standard for binding variables, otherwise we all use "? ". , or use: key.
Useful command, I tested at php5.1.*, finished testing, I transferred the file to php5.2.* server via scp
scp -P9888 index.php rentao@192.168.10.4:/home/rentao