PHP MySQL insert multiple pieces of data

PHP MySQL Insert multiple pieces of data

Use MySQLi and PDO to insert multiple pieces of data into MySQL

The mysqli_multi_query() function can be used to execute multiple SQL statements.

The following example adds three new records to the "MyGuests" table:

Example (MySQLi - Object-oriented)

connect_error) { die("连接失败: " . $conn->connect_error); } $sql = "INSERT INTO MyGuests (firstname, lastname, email) VALUES ('John', 'Doe', 'john@example.com');"; $sql .= "INSERT INTO MyGuests (firstname, lastname, email) VALUES ('Mary', 'Moe', 'mary@example.com');"; $sql .= "INSERT INTO MyGuests (firstname, lastname, email) VALUES ('Julie', 'Dooley', 'julie@example.com')"; if ($conn->multi_query($sql) === TRUE) { echo "新记录插入成功"; } else { echo "Error: " . $sql . "
" . $conn->error; } $conn->close(); ?>

Please note that each SQL statement must be No. separated.

Instance (MySQLi - Procedure Oriented)

" . mysqli_error($conn); } mysqli_close($conn); ?>

Instance (PDO)

setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); // 开始事务 $conn->beginTransaction(); // SQL 语句 $conn->exec("INSERT INTO MyGuests (firstname, lastname, email) VALUES ('John', 'Doe', 'john@example.com')"); $conn->exec("INSERT INTO MyGuests (firstname, lastname, email) VALUES ('Mary', 'Moe', 'mary@example.com')"); $conn->exec("INSERT INTO MyGuests (firstname, lastname, email) VALUES ('Julie', 'Dooley', 'julie@example.com')"); // 提交事务 $conn->commit(); echo "新记录插入成功"; } catch(PDOException $e) { // 如果执行失败回滚 $conn->rollback(); echo $sql . "
" . $e->getMessage(); } $conn = null; ?>

Use prepared statements

Mysqli extension provides The second way is used to insert statements.

We can prepare statements and bind parameters.

mysql extension can send statements or queries to the mysql database without data. You can nematically associate or "bind" variables.

Example (MySQLi uses prepared statements)

connect_error) { die("连接失败: " . $conn->connect_error); } else { $sql = "INSERT INTO MyGuests VALUES(?, ?, ?)"; // 为 mysqli_stmt_prepare() 初始化 statement 对象 $stmt = mysqli_stmt_init($conn); //预处理语句 if (mysqli_stmt_prepare($stmt, $sql)) { // 绑定参数 mysqli_stmt_bind_param($stmt, 'sss', $firstname, $lastname, $email); // 设置参数并执行 $firstname = 'John'; $lastname = 'Doe'; $email = 'john@example.com'; mysqli_stmt_execute($stmt); $firstname = 'Mary'; $lastname = 'Moe'; $email = 'mary@example.com'; mysqli_stmt_execute($stmt); $firstname = 'Julie'; $lastname = 'Dooley'; $email = 'julie@example.com'; mysqli_stmt_execute($stmt); } } ?>

We can see that modularization is used to solve the problem in the above example. We can achieve easier reading and management by creating code blocks.

Pay attention to the binding of parameters. Let's take a look at the code in mysqli_stmt_bind_param():

mysqli_stmt_bind_param($stmt, 'sss', $firstname, $lastname, $email);

This function binds the parameter query and Parameters are passed to the database. The second parameter is "sss" . The following list shows the parameter types. The s character tells mysql that the parameter is a string.

can be the following four parameters:

· i - integer

· d - double precision floating point number

· s - string

· b - Boolean value

Each parameter must specify a type to ensure data security. Type judgment can reduce the risk of SQL injection vulnerabilities.