From 8365c5d7cd484f4d8132f0d981f7606522536923 Mon Sep 17 00:00:00 2001
From: ThinkPHP
Date: Fri, 26 Apr 2013 21:09:00 +0800
Subject: [PATCH] =?UTF-8?q?Think/Db/Driver=E7=B1=BB=E5=A2=9E=E5=8A=A0?= =?UTF-8?q?=E5=AF=B9=E5=86=99=E5=85=A5=E6=95=B0=E6=8D=AE=E7=9A=84=E8=87=AA?= =?UTF-8?q?=E5=8A=A8=E5=8F=82=E6=95=B0=E7=BB=91=E5=AE=9A=E5=A4=84=E7=90=86?= =?UTF-8?q?=EF=BC=8C=E5=8F=AF=E4=BB=A5=E5=92=8C=E6=A8=A1=E5=9E=8B=E7=9A=84?= =?UTF-8?q?bind=E6=96=B9=E6=B3=95=E4=B8=80=E8=B5=B7=E9=85=8D=E5=90=88?= =?UTF-8?q?=E4=BD=BF=E7=94=A8=E3=80=82?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 Library/Think/Db/Driver.php | 45 +++++++++++++++++++++++++++++--------
 1 file changed, 36 insertions(+), 9 deletions(-)
diff --git a/Library/Think/Db/Driver.php b/Library/Think/Db/Driver.php
index 2d4eb2e5..c5d021fa 100644
--- a/Library/Think/Db/Driver.php
+++ b/Library/Think/Db/Driver.php
@@ -71,6 +71,7 @@ abstract class Driver {
 PDO::ATTR_ORACLE_NULLS => PDO::NULL_NATURAL,
 PDO::ATTR_STRINGIFY_FETCHES => false,
 ];
+ protected $bind = []; // 参数绑定
 
 /**
 * 架构函数 读取数据库配置信息
@@ -325,12 +326,26 @@ abstract class Driver {
 protected function parseSet($data) {
 foreach ($data as $key=>$val){
 $value = $this->parseValue($val);
- if(is_scalar($value)) // 过滤非标量数据
- $set[] = $this->parseKey($key).'='.$value;
+ if(is_scalar($value)) {// 过滤非标量数据
+ $name = md5($key);
+ $set[] = $this->parseKey($key).'=:T'.$name;
+ $this->bindParam($name,$value);
+ }
 }
 return ' SET '.implode(',',$set);
 }
 
+ /**
+ * 参数绑定
+ * @access protected
+ * @param string $name 绑定参数名
+ * @param mixed $value 绑定值
+ * @return void
+ */
+ protected function bindParam($name,$value){
+ $this->bind[':T'.$name] = $value;
+ }
+
 /**
 * 字段名分析
 * @access protected
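Review bot: In the parseSet hunk (-325) the value handed to bindParam is `$value`, the output of parseValue(), not the raw `$val`. The removed line concatenated `$value` straight into the SQL text, so parseValue (defined outside this hunk) presumably returns an already quoted and escaped literal; bound as a parameter, that literal would be stored with its quotes and escapes, and whatever parseValue returns for NULL or expression inputs would be bound as a plain string. Bind the raw input instead, `$this->bindParam($name,$val);`, and decide explicitly how NULL and expression values are written. Binding covers values only: the column name still enters the statement through `parseKey($key)`, so keys that originate in request data need validating there or in the caller.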
@@ -700,6 +715,16 @@ abstract class Driver {
 return implode(' ',$sql);
 }
 
+ /**
+ * 参数绑定分析
+ * @access protected
+ * @param array $bind
+ * @return array
+ */
+ protected function parseBind($bind){
+ return array_merge($this->bind,$bind);
+ }
+
 /**
 * 插入记录
 * @access public
@@ -714,14 +739,16 @@ abstract class Driver {
 foreach ($data as $key=>$val){
 $value = $this->parseValue($val);
 if(is_scalar($value)) { // 过滤非标量数据
- $values[] = $value;
- $fields[] = $this->parseKey($key);
+ $fields[] = $this->parseKey($key);
+ $name = md5($key);
+ $values[] = ':'.$name;
+ $this->bindParam($name,$value);
 }
 }
 $sql = ($replace?'REPLACE':'INSERT').' INTO '.$this->parseTable($options['table']).' ('.implode(',', $fields).') VALUES ('.implode(',', $values).')';
 $sql .= $this->parseLock(isset($options['lock'])?$options['lock']:false);
 $sql .= $this->parseComment(!empty($options['comment'])?$options['comment']:'');
- return $this->execute($sql,!empty($options['bind'])?$options['bind']:[]);
+ return $this->execute($sql,$this->parseBind(!empty($options['bind'])?$options['bind']:[]));
 }
 
 /**
@@ -738,7 +765,7 @@ abstract class Driver {
 array_walk($fields, [$this, 'parseKey']);
 $sql = 'INSERT INTO '.$this->parseTable($table).' ('.implode(',', $fields).') ';
 $sql .= $this->buildSelectSql($options);
- return $this->execute($sql);
+ return $this->execute($sql,$this->parseBind(!empty($options['bind'])?$options['bind']:[]));
 }
 
 /**
@@ -758,7 +785,7 @@ abstract class Driver {
 .$this->parseLimit(!empty($options['limit'])?$options['limit']:'')
 .$this->parseLock(isset($options['lock'])?$options['lock']:false)
 .$this->parseComment(!empty($options['comment'])?$options['comment']:'');
- return $this->execute($sql,!empty($options['bind'])?$options['bind']:[]);
+ return $this->execute($sql,$this->parseBind(!empty($options['bind'])?$options['bind']:[]));
 }
 
 /**
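Review bot: parseBind (hunk -700) merges `$this->bind` into every statement, but nothing in this diff ever empties the property, so placeholders collected by one write stay on the driver instance and are handed to the next execute() or query() as well. Unless execute()/query() reset it outside these hunks, a later select or delete receives parameters its SQL does not contain, which PDO typically rejects as an invalid parameter number, and a later write to the same column can pick up a stale entry. Resetting inside parseBind keeps the state per statement: `$bind = array_merge($this->bind,$bind); $this->bind = []; return $bind;`. The same concern applies to the callers changed in the hunks at -738, -758, -776 and -796. Since `array_merge` lets a string key in `$options['bind']` replace an auto-generated `:T<md5>` entry, the docblock should also say which side is meant to win.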
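Review bot: In the insert hunk (-714) the placeholder written into the VALUES list is `':'.$name`, while bindParam registers the value under `':T'.$name`, so the statement names `:<md5>` parameters that are never bound. parseSet in the earlier hunk writes `'=:T'.$name`, which does match bindParam. Change the line to `$values[] = ':T'.$name;` so both write paths share one placeholder scheme. As in parseSet, the value bound here is the parseValue() output rather than `$val`. The method's signature and opening lines sit above this hunk.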
@@ -776,7 +803,7 @@ abstract class Driver {
 .$this->parseLimit(!empty($options['limit'])?$options['limit']:'')
 .$this->parseLock(isset($options['lock'])?$options['lock']:false)
 .$this->parseComment(!empty($options['comment'])?$options['comment']:'');
- return $this->execute($sql,!empty($options['bind'])?$options['bind']:[]);
+ return $this->execute($sql,$this->parseBind(!empty($options['bind'])?$options['bind']:[]));
 }
 
 /**
@@ -796,7 +823,7 @@ abstract class Driver {
 return $value;
 }
 }
- $result = $this->query($sql,!empty($options['bind'])?$options['bind']:[]);
+ $result = $this->query($sql,$this->parseBind(!empty($options['bind'])?$options['bind']:[]));
 if($cache && false !== $result ) { // 查询缓存写入
 S($key,$result,$cache);
 }