php函数运行mysql查询
[英]Php function to run mysql queries
问题描述
I am trying to create functions to run mysql queries 
我正在尝试创建函数来运行mysql查询
How would I do things like insert queries. 我将如何做诸如插入查询之类的事情。 I was thinking 我刚在想
function insert_query ($table,$cols,$values)
{
$sql="insert into $table ($cols) values ($values) "; ...etc
}
With the rest of the query code in the function. 与其余查询代码一起在函数中。 But how would I add multiple columns and values? 但是如何添加多个列和值?
Should I make $cols and $values An array inside the function? 我应该在函数内部使$cols和$values数组吗?
4 个解决方案
解决方案1
0 2013-12-30 10:52:02
Easy, just us arrays 简单,仅我们数组
function insert_query ($table,$cols,$values){
$sql="insert into $table (".implode(",", $cols).") values (".implode("','", $values)."'') ";
}
insert_query('exampleTable', array('column_1', 'column_2', 'column_3'), array('a', 123, 'c') );
The implode for the values requires a small sidenote: 这些值的内插需要一个小的旁注:
Strings always required being wrapped in quotes. 始终需要将字符串用引号引起来。 Therefor I made the implode with single qoutes. 因此,我以单次qoutes进行了爆破。 The downside to this is that integets (like 123 in the example) also get wrapped. 不利的一面是,整数(如示例中的123 )也被包裹了。
This is not a big problem, but if you want you could replace the implode with a foreach that uses is_numeric to check wether it should be wrapped in quotes. 这不是一个大问题,但是如果您愿意,可以用一个使用is_numeric检查是否要用引号括起来的foreach替换爆破。
IMPORTANT SECURITY NOTE: 重要安全注意事项:
In this example I havent used proper seurity, like escape_string() , this has to be added! 在此示例中,我没有使用适当的安全性,例如escape_string() ,必须添加它! I've not added thos to keep the examples smaller 我没有添加任何使示例更小的方法
Another approach could be key/value-usage of an array: 另一种方法可能是数组的键/值使用:
function insert_query ($table,$data){
$cols = array_keys($data);
$values = array_values($data);
$sql = "insert into $table (".implode(",", $cols).") values (".implode("','", $values)."'') ";
}
$info = array('column_1'=>'a', 'column_2'=>123, 'column_3'=>'c');
$info['example'] = 'Easy method to add more key/values';
insert_query('tableName', $info);
解决方案2
0 2013-12-30 10:52:37
In this case you can use functions similar to codeigniter functions. 在这种情况下,您可以使用类似于codeigniter函数的函数。 Use arrays to store table name and columns or values 使用数组存储表名称以及列或值
For example: 例如:
$data = array('hid' => $hcsdate,'start_date' => $sdate, 'end_date' => $edate, 'title' =>$title);
Here $data holds the column name and corresponding values. 这里$data保存列名和相应的值。
And pass this $data to another functions for insert, update etc.. 并将此$data传递给另一个函数进行插入,更新等。
解决方案3
0 2013-12-30 10:55:12
Here is what I'm using. 这是我正在使用的。 Pass field name and Value as Array key and value. 将字段名称和值传递为数组键和值。 $lsQry is an array of field name & value pair $ lsQry是字段名称和值对的数组
function insert_record($table,$lsQry)
{
$fields_str = implode(',',array_keys($lsQry));
$data_str = implode("','",$lsQry);
$data_str = "'" . implode("','", $lsQry) . "'";
$lsQry = "INSERT INTO $table($fields_str) VALUES($data_str)";
$rs = mysql_query($lsQry);
if(isset($rs))
return true;
else
return false;
}
Please Note 请注意
For this function, do consider that function is getting an array of fields name and value pair. 对于此函数,请务必考虑该函数正在获取字段名称和值对的数组。 It is assumed that htmlentities() and addslashes() or any escaping functions are already applied while creating array from post/get values. 假定从发布/获取值创建数组时,已经应用了htmlentities()和Addslashes()或任何转义函数。
解决方案4
0 2013-12-30 11:07:07
This is a function of my Database Class. 这是我的数据库类的功能。
public function insert($table,$values){
$fieldNames = "";
$fieldValues = "";
foreach($values as $key => $value){
$fieldNames .= "$key,";
$fieldValues .= "$value,";
}
$fieldNames = substr($fieldNames,0,-1);
$fieldValues = substr($fieldValues,0,-1);
$sql = "INSERT INTO $table($fieldNames) VALUES ($fieldValues)";
$this->newConnection();
$result = $this->mysqli->query($sql);
$this->closeConnection();
return $result;
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.