Mysqli多查询的PHP程序准备语句
[英]PHP Procedural Prepared Statement for Mysqli Multi Query
问题描述
I have a PHP code that opens a CSV file using fgetcsv then reads through each rows then constructs a "Insert Into" query and attaches it to a variable named $MyQuery . 
我有一个PHP代码,该代码使用fgetcsv打开CSV文件,然后读取每行,然后构造“插入到”查询,并将其附加到名为$MyQuery的变量。 This is the most understandable way for me when trying to update my database using information from a CSV file downloaded from the company website. 对于我来说,这是尝试使用从公司网站下载的CSV文件中的信息更新数据库时最容易理解的方法。 This is working as I expected using the code below: 正如我期望的那样,使用以下代码可以正常工作:
if (mysqli_multi_query($conn, $MyQuery))
{
do
{
/* store first result set */
if ($result = mysqli_store_result($conn))
{
mysqli_free_result($result);
}
} while (mysqli_next_result($conn));
}
Recently I learned about Prepared Statements and how they can secure your queries. 最近,我了解了预备语句以及它们如何保护您的查询。
PROBLEM: How can I do multiquery with prepared statement in Procedural Mysqli way? 问题:如何使用程序化Mysqli方式对准备好的语句进行多查询? I tried researching, a lot says it isn't possible. 我尝试研究,很多人说这是不可能的。 Some say it is possible but by creating different variables for each queries which is impossible for me as I will be inserting over 10000 records to my database from the CSV file. 有人说可以,但是通过为每个查询创建不同的变量,这对我来说是不可能的,因为我将从CSV文件向数据库中插入10000条以上的记录。 Is there any other ways to achieve this? 还有其他方法可以做到这一点吗?
I'm thinking it can be done by looping through each records then doing a prepared-statement version of Insert Into but I thought doing 10000 Insert Into SQL commands would be very slow. 我认为可以通过遍历每个记录,然后执行Insert Into语句的预声明版本来完成,但是我认为执行10000次插入SQL命令会很慢。
1 个解决方案
解决方案1
-1 2016-06-13 03:48:30
I am not 100% sure what you are asking but fallowing might work. 我不确定您要问什么,但休闲可能会奏效100%。 First of all I would use pdo for connecting to a database. 首先,我将使用pdo连接到数据库。 Fallowing is just a basic outline of what I think you want to do. 休闲只是我认为您想做的事情的基本概述。
$pdo = new PDO('mysql:host=localhost;dbname=mydatabase', 'myusername', 'mypassowrd');
$query = "
INSERT INTO table (colum1, colum2, colum3)
VALUES (:info1, :info2, :info3)
";
$stmt = $pdo->prepare($query);
do
{
$stmt->execute(array(':info1'=>$my_info1, ':info2'=>$my_info2, ':info3'=>$my_info3));
} while( your condition);
There is two advantages for prepared statements. 准备语句有两个优点。 First is security and the second allows to do the same query over and over changing the values. 第一个是安全性,第二个是一遍又一遍地更改值来进行相同的查询。 This will make each of queries fast if you prepare them. 如果您准备了它们,这将使每个查询快速。
here is a ling that can explain more about prepared statements http://php.net/manual/en/pdo.prepared-statements.php 这是一个可以解释更多有关准备好的语句的语言http://php.net/manual/en/pdo.prepared-statements.php
I am adding a Procedural way of doing it using mysqli. 我正在添加使用mysqli的过程方式。
$query = "
INSERT INTO table (colum1, colum2, colum3)
VALUES (?, ?, ?)
";
if ($stmt = mysqli_prepare($conn, $query))
{
do
{
mysqli_stmt_bind_param($stmt, "sss", $my_info1, $my_info2, $my_info3);
mysqli_stmt_execute($stmt);
} while( your condition)
}
I am not sure why you are using mysqli_store_result(), mysqli_free_result(), or mysqli_next_result(). 我不确定为什么要使用mysqli_store_result(),mysqli_free_result()或mysqli_next_result()。 Since inserting rows produces no results. 由于插入行不会产生任何结果。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.