1. Placeholders in prepared statements come in two styles: positional (indexed) and named (associative)
a. Positional (indexed) style:
$pdo=new PDO($dsn,$username,$password,$options);
$sql='select * from tests where username=? and password=?';
$stmt=$pdo->prepare($sql);
$stmt->execute(array($username,$password)); // values are bound in placeholder order
b. Named (associative) style:
$pdo=new PDO($dsn,$username,$password,$options);
$sql='select * from tests where username=:username and password=:password';
$stmt=$pdo->prepare($sql);
$stmt->execute(array(':username'=>$username,':password'=>$password)); // values are bound by placeholder name
2. More flexible binding for prepared statements
a. Binding parameters with bindParam(): the argument must be a variable, not a literal value
$pdo=new PDO($dsn,$username,$password,$options);
$sql='select * from tests where username=:username and password=:password';
$stmt=$pdo->prepare($sql);
$stmt->bindParam(':username',$username); // the variable is bound by reference and read when execute() runs
$stmt->bindParam(':password',$password);
$stmt->execute();
b. Binding parameters with bindValue(): the argument may be a literal value
$pdo=new PDO($dsn,$username,$password,$options);
$sql='select * from tests where username=? and password=?';
$stmt=$pdo->prepare($sql);
$stmt->bindValue(1,$username); // positional placeholders are numbered from 1
$stmt->bindValue(2,'secret');  // a literal value is allowed here, unlike with bindParam()
$stmt->execute();
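The following is an added, self-contained example (not code from the original notes) that runs the two placeholder styles against a constructed in-memory SQLite table and shows the practical difference between bindParam() (bound by reference, read at execute() time) and bindValue() (copied at bind time). It assumes the pdo_sqlite extension is available; the table name and sample rows are constructed for the demo.

```php
<?php
// Added example: positional vs named placeholders, bindParam vs bindValue.
// Assumes pdo_sqlite; the table and rows below are constructed sample data.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE tests (username TEXT, password TEXT)');
$pdo->exec("INSERT INTO tests VALUES ('alice', 'pw1'), ('bob', 'pw2'), ('o''brien', 'pw3')");

// 1a. Positional placeholders: values are passed to execute() in order.
$stmt = $pdo->prepare('SELECT username FROM tests WHERE username = ? AND password = ?');
$stmt->execute(['alice', 'pw1']);
echo "positional: ", count($stmt->fetchAll()), " row(s)\n";

// 1b. Named placeholders: values are passed to execute() keyed by name.
$stmt = $pdo->prepare('SELECT username FROM tests WHERE username = :username AND password = :password');
$stmt->execute([':username' => 'bob', ':password' => 'pw2']);
echo "named: ", count($stmt->fetchAll()), " row(s)\n";

// 2a. bindParam() binds the variable by reference: PDO reads it when execute()
//     runs, so an assignment made after binding changes what is sent.
$user = 'alice';
$stmt = $pdo->prepare('SELECT username FROM tests WHERE username = :username');
$stmt->bindParam(':username', $user);
$user = 'bob';   // changed after bindParam(), before execute()
$stmt->execute();
echo "bindParam saw: ", $stmt->fetch(PDO::FETCH_ASSOC)['username'], "\n";

// 2b. bindValue() copies the value at bind time; later changes are ignored.
$user = 'alice';
$stmt = $pdo->prepare('SELECT username FROM tests WHERE username = :username');
$stmt->bindValue(':username', $user);
$user = 'bob';   // has no effect on the already-bound value
$stmt->execute();
echo "bindValue saw: ", $stmt->fetch(PDO::FETCH_ASSOC)['username'], "\n";

// 3. Bound values are sent separately from the SQL text, so a quote character
//    in the input is matched literally rather than changing the query.
$stmt = $pdo->prepare('SELECT username FROM tests WHERE username = ?');
$stmt->execute(["o'brien"]);
echo "quoted name: ", count($stmt->fetchAll()), " row(s)\n";
```

Because bindParam() is evaluated at execute() time, it is the one to use when the same statement is executed repeatedly in a loop with a changing variable; bindValue() is the safer default when the value should be fixed at bind time.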