Php 如何进行完整的动态插入查询?
到目前为止我已经试过了Php 如何进行完整的动态插入查询?,php,dynamic,insert,Php,Dynamic,Insert,到目前为止我已经试过了 class Test { public $table = 'users' public $fields = ('id', 'username', 'password'); public $id = ""; public $username = "yousufiqbal"; public $password = "123456"; public function fields_to_string(){ foreach ($fields as $field) {
class Test {
public $table = 'users'
public $fields = ('id', 'username', 'password');
public $id = "";
public $username = "yousufiqbal";
public $password = "123456";
public function fields_to_string(){
foreach ($fields as $field) {
// some stuff here
}
}
public function properties_to_string(){
// some stuff here
}
public function insert(){
global $dbh;
$sql = "INSERT INTO {$this->table} ($this->fields_to_string()) VALUES ($this->properties_to_string());";
$dbh->exec($sql);
}
}//这里有些东西
return implode( ',', $this->fields );
对于值:
return "'" . implode( "','", $this->values ) . "'";
我会这样做:
class Test {
public $table;
public $fields;
public $values;
public function __construct($fields, $values, $table){
$this->fields = $fields;
$this->values = $values;
$this->table = $table;
}
public function fields_to_string(){
return "`".implode("`, `", $this->fields)."`";
}
public function properties_to_string(){
return "'".implode("', '", $this->values)."'";
}
public function insert(){
global $dbh;
$sql = "INSERT INTO `{$this->table}` (".$this->fields_to_string().") VALUES (".$this->properties_to_string().");";
$dbh->exec($sql);
echo $sql; // for test purposes
}
}
$fields = array('username', 'password');
$values = array('Mihai', 'stackoverflow');
$test = new Test($fields, $values, 'users');
$test->insert();
// INSERT INTO `users` (`username`, `password`) VALUES ('Mihai', 'stackoverflow');
最好将字段值作为一个数组来保存。这个例子应该能让你明白:
class Test
{
public $table = 'users';
public $fields = array( 'id', 'username', 'password' );
public $values = array( "", "yousufiqbal", "123456" );
public function insert()
{
global $dbh;
$fields = '`' . implode( '`,`', $this->fields ) . '`';
$values = implode( ',', $this->values );
$sql = "INSERT INTO `$this->table` ( $fields ) VALUES ( $values )";
$dbh->exec( $sql );
}
}
下一步是实现参数绑定,以防止SQL注入 也许我有点懒,但作为一个新手,这是我的极限:)你犯了什么错误?你犯了什么错误?或者你根本就没犯错误?我说过我有错误吗?对一个试用过的应用程序进行完全不向下的投票并不是stackoverflow垄断。好吧,但是关于
properties\u to_string()
?这几乎是一样的,您可能缺少的是在值周围需要加引号。查看我的更新答案。但我的应用程序是一个来自属性的字符串,因为我为我的类使用PDO::fetch_INTO
。对尝试过的应用程序的否决票并不是stackoverflow垄断。我不明白你的意思?a-1的原因是什么?我想知道我没有投你反对票,我只是想帮你。现在我将投反对票,因为你不是很有建设性。很高兴你理解了。向你问好,我没有否决你。相反,我喜欢你的问题,从我这里得到了+1。任何人都可以投反对票,不一定是回答的人之一,大多数情况下不会,因为我们花了一些时间来回答正确;)
class Test {
public $fields = array('id', 'username', 'password');
public $properties = array('id' => "", 'username' => "yousufiqbal",'password' =>"123456");
public function fields_to_string(){
$fields_str = implode(',', $this->fields);
return $fields_str;
}
public function properties_to_string(){
$properties_str = implode(',', "'".$this->properties."'");
return $properties_str;
}
public function insert(){
global $dbh;
$sql = "INSERT INTO `{$this->table}` ($this->fields_to_string()) VALUES ($this->properties_to_string());";
$dbh->exec($sql);
}
}