我几乎没有用于日常审计事务的 php 代码。我很容易理解这一点。
$result = mssql_query("BEGIN TRAN");
$result = mssql_query("insert into items_history (select * from items)"); //move transaction to history
$result = mssql_query("delete * from items)"); //clear transaction table for new month transaction
$result = mssql_query( //get the data for used in another script
"select items_history.item_id,
items_history.item_name,
group_items.group_name
from
items_history,group_items
where group_items.id=items_history.id and
day(items_history.date_trans)=day(items_history.date_trans)-1 " // whit where include
);
$result = mssql_query("update trans_control set current_day=current_day+1" }; //update the system date to next day
if (!$result) {
mssql_query("ROLLBACK TRAN");
} else {
mssql_query("COMMIT TRAN");
}
mssql_close();
由于某种原因,该数据库需要与mysql数据库在线存储。在离线状态下,我不太担心这段代码的安全性。但在网上,它让我想到了安全。现在我想将此脚本转换为 PDO MySql。目标很简单,更安全:
$result = q("BEGIN");
$result = q("qry1");
$result = q("qry2");
$result = q("qry3");// select with many join table and some parameter data in where like 'string','int', 'date', and maybe with "Union All" in select
$result = q("qry..."};
if (!$result) {
q("ROLLBACK");
} else {
q("COMMIT");
}
如果另一个问题有同样的问题。我很高兴从这个开始,特别是简单的包装器,所以我可以了解它是如何工作的。谢谢你。