如何定义 PDOStatement::bindValue() 中的变量类型?
PDOStatement::bindValue() 方法提供了一种指定变量绑定类型的方法:
PDOStatement::bindValue ( $parameter , $value [, $data_type = PDO::PARAM_STR ] )
我想知道,指定数据类型的目的是什么,而保留为默认值时 (PARAM_STR)最终数据库会在使用它之前将值转换为正确的类型吗?
例如,如果您对 INTEGER 字段进行以下查询:
INSERT INTO table (integerField) VALUES (?) ;
SELECT * FROM table WHERE integerField = ? ;
并且您在 PHP 中绑定了一个整数,PDO 默认情况下会将其绑定为字符串,这相当于:
INSERT INTO table (integerField) VALUES ("1") ;
SELECT * FROM table WHERE integerField = "1" ;
这将完美地工作,因为SQL 数据库(至少 MySQL,我不太清楚这在其他 RDBMS 上如何工作)知道如何在使用字符串之前将其转换回整数。
在哪些用例中,绑定类型参数与字符串会产生影响?
The PDOStatement::bindValue() method offers a way to specify the type of the variable bound:
PDOStatement::bindValue ( $parameter , $value [, $data_type = PDO::PARAM_STR ] )
I'm wondering, what's the purpose of specifying the data type, whereas when leaved as default (PARAM_STR) eventually the database will anyway cast the value to the proper type before using it?
For example, if you have these queries over an INTEGER field:
INSERT INTO table (integerField) VALUES (?) ;
SELECT * FROM table WHERE integerField = ? ;
And you bind an integer in PHP, PDO will by default bind it as a string, which is equivalent as:
INSERT INTO table (integerField) VALUES ("1") ;
SELECT * FROM table WHERE integerField = "1" ;
That will work flawlessly, because the SQL database (at least MySQL, I'm not really aware of how that would work on other RDBMS) knows how to convert the string back to an integer before using it.
What are the use cases where it would make a difference to bound typed parameters vs strings?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
我不是 PDO 专家,但我可以想到 data_type 参数既有用甚至需要的一些场景。
输出参数
定义输出或输入/输出参数时,必须提供预期输出参数的类型和长度。
参考: http://www.php.net/manual/en/ pdo.prepared-statements.php
示例 #4
示例 #5
没有隐式转换的 DBM
在这个问题的另一个答案中进行了解释...
当参数未绑定到可转换数据时< /strong>
甚至具有强制转换功能的数据库能力并不总是能够正确地转换你的变量。
参考:在 PDO 中强类型参数的原因?
I'm no PDO-expert, but I can think of a few scenarioes where the data_type parameter is both useful and even needed.
Output parameters
When you define output or input/output parameters, you must provide both type and length of the expected output parameter.
Ref: http://www.php.net/manual/en/pdo.prepared-statements.php
Example #4
Example #5
DBMs without implicit casting
Explained in another answer to this question...
When parameter is not bound to castable data
Even databases with casting abilities will not always be able to cast you variable correctly.
Ref: Reasons to strongly type parameters in PDO?
这主要用于与需要正确输入的数据库进行交互。例如,如果在 MySQL 中启用严格模式,当类型不匹配时,您将收到错误(查询失败)而不是警告。
默认情况下,MySQL 会尽力正确转换数据。但是如果您曾经在日期字段中看到过 0000-00-00,那很可能是 mysql 尝试将字符串转换为日期但失败的结果。在严格模式下,查询将失败,而不是尝试转换并使用任何结果。
That's mainly for interacting with databases that require correct typing. For example, if you enable strict mode in MySQL, you will get errors (failed queries) instead of warnings when there are type mismatches.
By default, MySQL does its best to convert data properly. But if you have ever seen 0000-00-00 in a date field, that is very likely the result of mysql trying to convert a string to a date and failing. In strict mode, the query would fail instead of trying to convert and using whatever the result is.
PDOStatement::bindValue() 的数据类型参数并不是很有用。本质上:
似乎没有其他东西被转换。请参阅此处快速查看源代码和更好的解释。也许最重要的是,如果您传递的数据类型与您传递的数据类型不匹配,PDO 不会引发异常或产生错误。
The data type parameter to PDOStatement::bindValue() isn't terribly useful. Essentially:
Nothing else seems to be converted. See here for a quick look at the source code and a little better explanation. Perhaps most importantly, PDO will not throw an exception or produce an error if you pass data with a type that doesn't match the data type you passed.