Execute an SQL statement using Prepared Statements.
PExecute($sql, $varN)
$sql is the MySQL query to perform on the database
$varN are the variables that will be placed instead of the ? separated by a ',' or it can be the method Prepare
Prepared Statements help you in many cases to avoid avoid mysql injections and helps increasing security of your queries by separating the SQL logic from the data being supplied.
DALMP by default tries to determine the type of the data supplied, so you can just focus on your query without needing to specify the type of data, If you preffer you can manually specify the type of the data. The following table, show the characters which specify the types for the corresponding bind variables:
| Character | Description |
|---|---|
| i | corresponding variable has type integer |
| d | corresponding variable has type double |
| s | corresponding variable has type string |
| b | corresponding variable is a blob and will be sent in packets |
Like the Execute Method, in most cases you probably only use this method when Inserting or Updating data for retrieving data you can use the same methods used for the Cache method which are:
| method | Description |
|---|---|
| PGetall | Executes the SQL and returns the all the rows as a 2-dimensional array. If an error occurs, false is returned. |
| PGetRow | Executes the SQL and returns the first row as an array. If an error occurs, false is returned. |
| PGetCol | Executes the SQL and returns all elements of the first column as a 1-dimensional array. If an error occurs, false is returned. |
| PGetOne | Executes the SQL and returns the first field of the first row. If an error occurs, false is returned. |
| PGetASSOC | Executes the SQL and returns an associative array for the given query. If the number of columns returned is greater to two, a 2-dimensional array is returned, with the first column of the recordset becomes the keys to the rest of the rows. If the columns is equal to two, a 1-dimensional array is created, where the the keys directly map to the values. If an error occurs, false is returned. |
Examples:
require_once 'dalmp.php';
$db = new DALMP('utf8://root:'.rawurlencode('pass-?/:word').'@mysql.localbox.org:3306/mydatabase');
$db->PExecute('SET time_zone=?','UTC');Example using 'LIKE'
$sql = 'SELECT Name, Continent FROM Country WHERE Population > ? AND Code LIKE ?';
$rs = $db->FetchMode('ASSOC')->PGetAll($sql, 1000000, '%P%');If you want to define the types, you must pass an array specifying each type. Example:
$rs = $db->FetchMode('ASSOC')->PGetAll('SELECT * FROM mytable WHERE name=? AND id=?', array('s' => '99.3', 7));
An Insert example
$db->PExecute('INSERT INTO mytable (colA, colB) VALUES(?,?)', rand(), rand());An Update example
$db->PExecute('UPDATE Country SET code=? WHERE Code="PRT"', 'PRT');When updating the return value '0', Zero indicates that no records where updated