0

更新:感谢所有帮助人员,我决定尝试编写自己的 PHP 类来处理 MySQL 请求。

当我尝试从函数切换mysql_mysqli_函数时,我现在面临一个问题,因为我实际上有数万行 PHP/MySQL 代码和分散在数百个文件中的查询,它们都是使用诸如mysql_query, mysql_num_rows,mysql_fetch_assoc等函数。逐行(甚至使用查找/替换)将这些mysqli_函数更改为带有准备好的语句的函数,这一切都已经够痛苦了,但是如果将来 PHP.net 决定发布其他的东西怎么办?会弃用这些mysqli_功能吗?

所以现在我正在考虑编写我自己的 MySQL 库(你会这么称呼它吗?),它调用mysqli_函数并将其包含在我的所有文件中。这样,如果我将来需要更改其他内容,理论上我可以更改“库”中的功能一次,更改将反映在所有页面上,而不是手动完成并手动更改所有内容。

这是个好主意吗?我在网上找到了一个叫做MeekroDB的东西,但首先我不确定它是否是我正在寻找的东西,其次他们要收取 50 美元才能在商业上使用它(我想这样做。)是否有其他免费的解决方案,还是我只是在浪费时间?

任何意见/反馈表示赞赏:)

编辑:如果不清楚,就好像我在对数据库进行查询的每个文件中都连接到我的数据库。我有一个用于连接 MySQL 数据库的 functions.php 文件,我include在所有其他文件中都使用了该文件。我的问题与mysql_query,mysql_num_rowsmysql_fetch_assoc.

4

4 回答 4

4

从查看您引用的链接到MeekroDB,我认为您正在编写的不是mysql_*/mysqli_*方法之类的 MySQL API。

您实际上要编写的是Database Abstraction Layer,尽管它是特定于 MySQL 的。

事实是,除非您要编写自己的底层模块来与 MySQL 通信(当然,您在 PHP 中也很难做到这一点),否则您可能最终还是会使用这些mysqli_方法作为支持。

有许多可用的层,但老实说,我会考虑使用 PDO 而不是编写自己的,或者mysqli_*如果您担心函数被弃用,则使用。PDO 使用自己的 MySQL 驱动程序,因此如果需要,将进行更新。它还支持您需要的所有内容,包括易于使用的事务、准备好的语句等等。

如果您想创建自己的易于访问的方法,例如DB::Query(..),您可以通过简单地包装 PDO 来做到这一点。

Overall, though, I don't see how this is going to help with organising your code. You're probably going to want to look into something like an ORM (Object Relationship Mapper) to your DB where you can define your own classes that map straight into tables, which should alleviate the need of running queries almost entirely, apart from edge cases. The most comprehensive ORM available would probably be Doctrine, although you can quite easily write your own by again, wrapping PDO.

Just as an example of what you could achieve by using an ORM, here's a snippet of code to demonstrate:

$blogPost = BlogPosts::Load(123);
$blogPost->title = 'New Title';
$blogPost->save();
于 2013-01-20T16:56:54.317 回答
3

Wrapping your code around the basic PHP database function is a good idea, otherwise there are already a few good solutions you should not have to build you own library. Maybe ORM (Object-relational_mapping) would be interesting for you, popular libraries are doctrine or propel.

于 2013-01-20T17:00:10.713 回答
2

Would this be a good idea?

As a matter of fact, this is the only sane way of handling SQL queries.

Let me suggest you my library, designed to protect your queries against SQL injections. It is absolutely free and way better than anything that costs $50 or $5000.

The only thing you need to learn before starting to use it is type-hinted placeholders, but the conception is very easy and I am sure you will get it in a second. Nevertheless, feel free to ask any questions.

By the way, PDO is apparently not the way to go - it is ugly, toilsome to use and unsafe with whatever query that goes slightly beyond several basic cases.
For example:

// SafeMySQL: only 2 lines and not a sign of injection
$sql  = "SELECT * FROM goods WHERE category IN(?a) ORDER BY ?n";
$data = $db->getAll($sql, $_GET['categories'], $_GET['orderby']);

// PDO
// errr... (massive headscratching resulting with something like 
// 2 screens of code with manual escaping and all that stuff 
// but most likely still unsdafe as only few PHP developers
// actually have an idea how to properly handle such cases )
于 2013-01-20T17:02:30.657 回答
1

You're looking for something similar to a "database wrapper class".

PHP since 5.1 has a built-in abstraction layer called PDO for that.

于 2013-01-20T16:58:15.860 回答