使用默认前缀从具有 300 个表的 mysql 数据库中选择

发布于 2024-10-24 05:02:52 字数 379 浏览 7 评论 0原文

我有一个程序，可以从大约 200 个带有前缀的表中进行选择。例如PBN_产品、PBN_地址、PBN_其他。有没有一种方法可以将前缀定义为默认值并进行选择，而不是在 select 语句的每个表上附加前缀？

$prefix=GET['prefix'];
mysql_connect(DB_SERVER, DB_SERVER_USERNAME, DB_SERVER_PASSWORD);
mysql_select_db(DB_DATABASE);
$sql = 'SELECT price, description, title, cost'.
        'FROM products, address, others';

如何定义不包含在所有表中的前缀？我有200张桌子。

原文

I have a program that selects from about 200 tables with prefix. eg PBN_products, PBN_address, PBN_others.
Instead of appending the prefix on each table for the select statement, is there a way of defining the prefix as default value and do the selection?

$prefix=GET['prefix'];
mysql_connect(DB_SERVER, DB_SERVER_USERNAME, DB_SERVER_PASSWORD);
mysql_select_db(DB_DATABASE);
$sql = 'SELECT price, description, title, cost'.
        'FROM products, address, others';

How can I define the prefix not to include in all tables? I have 200 tables.

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

疾风者 2024-10-31 05:02:52

我会研究一个类来执行一些简单的查询抽象或某种执行此操作的 ORM 库。一个样本会是这样的。

class Query {
    function from($tbl){
        return new Table($tbl);
    }
}
class Table {
    var $prefix = 'PBN_';
    var $tblname = '';

    function Table($name){
        $this->tblname = $this->prefix.$name;
    }
    function select($cols, $where = false, $order = false, $limit = false){
        $query = "SELECT {$cols} FROM {$this->tblname}";
        if($where) $query .= " WHERE ".$where; //add where
        if($order) $query .= " ORDER BY ".$order; //add order
        if($limit) $query .= " LIMIT ".$limit; //add limit
        return $query;
    }
}

$q = new Query;
$results = mysql_query($q->from('products')->select('*'));

这显然远非完整或安全。这只是抽象类如何加速您的 sql 并为您添加前缀的示例。

I would look into a class to do some simple query abstraction or some kind of ORM lib that does this. A sample would be like this.

class Query {
    function from($tbl){
        return new Table($tbl);
    }
}
class Table {
    var $prefix = 'PBN_';
    var $tblname = '';

    function Table($name){
        $this->tblname = $this->prefix.$name;
    }
    function select($cols, $where = false, $order = false, $limit = false){
        $query = "SELECT {$cols} FROM {$this->tblname}";
        if($where) $query .= " WHERE ".$where; //add where
        if($order) $query .= " ORDER BY ".$order; //add order
        if($limit) $query .= " LIMIT ".$limit; //add limit
        return $query;
    }
}

$q = new Query;
$results = mysql_query($q->from('products')->select('*'));

This is obviously nowhere near complete or secure. Just a sample of how an abstraction class could speed up your sql and do you your prefixes for you.

回复收藏 0 原文

羞稚 2024-10-31 05:02:52

您可以使用表名称定义一个数组，然后循环访问该数组。将数组项附加到字符串时，请将硬编码的“PBN_”放在该名称前面。

$arr = array("products","address","others");
$sql = "SELECT price, description, title, cost FROM ";
foreach ($arr as $tablename) {
    $sql = $sql . "PBN_" . $tablename . ", ";
}
$sql = substr($sql, 0, -2); // Remove last comma

然后，您可以将所有表名添加到数组中，前缀将自动添加。

You could define an array with the table names, and loop through that array. When you append the array item to the string, put "PBN_" hardcoded in front of that name.

$arr = array("products","address","others");
$sql = "SELECT price, description, title, cost FROM ";
foreach ($arr as $tablename) {
    $sql = $sql . "PBN_" . $tablename . ", ";
}
$sql = substr($sql, 0, -2); // Remove last comma

You can then add all the tablenames to the array, and the prefix will automatically be added.

回复收藏 0 原文

夜还是长夜 2024-10-31 05:02:52

像这样的事情怎么样？

 $prefix = GET['prefix'];

// add prefix to table names
foreach (array("products", "address", "others") as &$table) 
{
    $table = $prefix.$table;
}

mysql_connect(DB_SERVER, DB_SERVER_USERNAME, DB_SERVER_PASSWORD);
mysql_select_db(DB_DATABASE);

$sql = 'SELECT price, description, title, cost'.
       'FROM '.$table[0].', '.$table[1].', '.$table[2];

How about something like this?

 $prefix = GET['prefix'];

// add prefix to table names
foreach (array("products", "address", "others") as &$table) 
{
    $table = $prefix.$table;
}

mysql_connect(DB_SERVER, DB_SERVER_USERNAME, DB_SERVER_PASSWORD);
mysql_select_db(DB_DATABASE);

$sql = 'SELECT price, description, title, cost'.
       'FROM '.$table[0].', '.$table[1].', '.$table[2];

回复收藏 0 原文

桜花祭 2024-10-31 05:02:52

你可以做这样的事情吗？

$prefix = '';
if(isset($_GET['prefix'])){
    $prefix = mysql_real_escape_string(stripslashes($_GET['prefix']));
}

$sql = "SELECT price, description, title, cost 
           FROM {$prefix}products, {$prefix}address, {$prefix}others";

编辑：我同意这种不好的做法的评论...另一种方法是将前缀存储在另一个表中并在 GET 中传递该表的 ID。这将使您不易受到 SQL 注入的攻击。

$prefix = "";
if(isset($_GET['prefixid'])){
    $prefixid = mysql_real_escape_string(stripslashes($_GET['prefixid']));
    $query = "SELECT prefix FROM prefixes WHERE prefixid = $prefixid";
    $result = mysql_query($query);
    $prefix = mysql_result($result, 0, 0);
}
$sql = "SELECT price, description, title, cost 
           FROM {$prefix}products, {$prefix}address, {$prefix}others";

You could do something like this?

$prefix = '';
if(isset($_GET['prefix'])){
    $prefix = mysql_real_escape_string(stripslashes($_GET['prefix']));
}

$sql = "SELECT price, description, title, cost 
           FROM {$prefix}products, {$prefix}address, {$prefix}others";

EDIT: I agree on the comments that this is bad practice... An alternative would be to store the prefixes in another table and pass an ID of that table in the GET. This would make you less vulnarable to SQL injections.

$prefix = "";
if(isset($_GET['prefixid'])){
    $prefixid = mysql_real_escape_string(stripslashes($_GET['prefixid']));
    $query = "SELECT prefix FROM prefixes WHERE prefixid = $prefixid";
    $result = mysql_query($query);
    $prefix = mysql_result($result, 0, 0);
}
$sql = "SELECT price, description, title, cost 
           FROM {$prefix}products, {$prefix}address, {$prefix}others";

回复收藏 0 原文

~没有更多了~