MySQL中预处理语句中预处理语句prepare、、execute与与deallocate的使用的使用
教程教程
前言前言
MySQL官方将prepare、execute、deallocate统称为PREPARE STATEMENT,我习惯称其为【预处理语句】,其用法十分简
单,下面话不多说,来一起看看详细的介绍吧。
示例代码示例代码
PREPARE stmt_name FROM preparable_stmt
EXECUTE stmt_name
[USING @var_name [, @var_name] ...] -
{DEALLOCATE | DROP} PREPARE stmt_name
举个栗子:举个栗子:
mysql> PREPARE pr1 FROM 'SELECT ?+?';
Query OK, 0 rows affected (0.01 sec)
Statement prepared
mysql> SET @a=1, @b=10 ;
Query OK, 0 rows affected (0.00 sec)
mysql> EXECUTE pr1 USING @a, @b;
+------+
| ?+? |
+------+
| 11 |
+------+
1 row in set (0.00 sec)
mysql> EXECUTE pr1 USING 1, 2; -- 只能使用用户变量传递。
ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server
version for the
right syntax to use near '1, 2' at line 1
mysql> DEALLOCATE PREPARE pr1;
Query OK, 0 rows affected (0.00 sec)
使用PAREPARE STATEMENT可以减少每次执行SQL的语法分析,比如用于执行带有WHERE条件的SELECT和DELETE,
或者UPDATE,或者INSERT,只需要每次修改变量值即可。
同样可以防止SQL注入,参数值可以包含转义符和定界符。
适用在应用程序中,或者SQL脚本中均可。
更多用法:更多用法:
同样PREPARE … FROM可以直接接用户变量:
mysql> CREATE TABLE a (a int);
Query OK, 0 rows affected (0.26 sec)
mysql> INSERT INTO a SELECT 1;
Query OK, 1 row affected (0.04 sec)
Records: 1 Duplicates: 0 Warnings: 0
mysql> INSERT INTO a SELECT 2;
Query OK, 1 row affected (0.04 sec)
Records: 1 Duplicates: 0 Warnings: 0
mysql> INSERT INTO a SELECT 3;
Query OK, 1 row affected (0.04 sec)
Records: 1 Duplicates: 0 Warnings: 0
评论0