/**
  * Binds a value to a placeholder of the prepared statement.
  *
  * Named placeholders (":name") are stored under their own name; question-mark
  * placeholders, identified by their 1-indexed position, are stored under the
  * synthetic key "v<position>" so both styles share one parameter map.
  *
  * @param mixed $parameter - Placeholder identifier: the ":name" of a named
  *                           placeholder, or the 1-indexed position (int) of a
  *                           question-mark placeholder.
  * @param mixed $value     - The value to bind.
  * @param int $dataType    - Data type hint handed to the parameter processor;
  *                           defaults to CorePDO::PARAM_STR.
  *
  * @return bool            - TRUE when the value was processed and stored; FALSE
  *                           when the parameter processor raised a CoreException
  *                           (the exception is swallowed, not rethrown).
  */
 public function bindValue($parameter, $value, $dataType = CorePDO::PARAM_STR)
 {
     // Positional placeholders are keyed as "v<position>"; named ones keep their key.
     $key = is_int($parameter) ? 'v' . $parameter : $parameter;

     try {
         $this->params[$key] = $this->paramProcessor->process($value, $dataType);
     } catch (CoreException $e) {
         // Mirror PDO::bindValue(): signal failure via the return value.
         return false;
     }

     return true;
 }
 /**
  * Quotes a string for interpolation into a query.
  *
  * The input is run through the parameter processor's escaping routine and the
  * result is wrapped in single quotes. This is the PDO::quote() equivalent for
  * this wrapper.
  *
  * Prefer prepared statements with bound parameters over quote()-and-interpolate:
  * they are more portable, immune to SQL injection by construction, and usually
  * faster because the server and client can cache the compiled query.
  *
  * CAUTION
  * Security: the default character set
  *
  * Escaping is only correct for the character set the connection actually uses.
  * The character set must be set either at the server level or within the
  * database connection itself (depending on the driver) for it to affect this
  * method. See the driver-specific documentation for more information.
  *
  * @param string $string        - The string to be quoted.
  * @param int $parameterType    - Data type hint for drivers with alternate quoting
  *                                styles; defaults to CorePDO::PARAM_STR.
  *
  * @return string               - The escaped input wrapped in single quotes. Unlike
  *                                PDO::quote(), this implementation always returns a
  *                                string and never FALSE.
  */
 public function quote($string, $parameterType = CorePDO::PARAM_STR)
 {
     $escaped = $this->paramProcessor->processEscaped($string, $parameterType);

     return sprintf("'%s'", $escaped);
 }