我一直在发现句子PHP PDO's Prepared statements prevent SQL injection
.
我读过这个:PDO 准备好的语句是否足以防止 SQL 注入?但那里的数据并不完全清楚.
I have read this: Are PDO prepared statements sufficient to prevent SQL injection? But the data there is not completely clear.
乍一看,您的问题看起来更复杂,只需一个链接即可回答
Well, at second glance your question looks more complex to be answered with just one link
php pdo的prepared statement是如何防止sql注入的?
How does php pdo's prepared statements prevent sql injection?
预处理语句如何防止 SQL 注入攻击?
使用 PDO 的其他优点/缺点是什么?
What are other pros/cons of using PDO?
最有趣的问题.
PDO 最大的缺点是:它被兜售和传播银弹,另一个崇拜的偶像.
虽然不了解它根本不会像任何其他工具一样发挥作用.
PDO 有一些关键特性,比如
Most interesting question.
A greatest PDO disadvantage is: it is peddled and propagated a silver bullet, another idol to worship.
While without understanding it will do no good at all, like any other tool.
PDO has some key features like
使用 PDO 会降低效率吗?
Does using PDO reduce efficiency?
再次强调,降低效率的不是 PDO,而是准备好的语句.这取决于数据库服务器和您的应用程序之间的网络延迟,但对于大多数实际情况,您可能认为它可以忽略不计.
Again, it is not PDO, but prepared statements that reduces efficiency. It depends on the network latency between the db server and your application but you may count it negligible for the most real world cases.
这篇关于PHP PDO 的prepared statements 如何防止sql注入?使用 PDO 的其他好处是什么?使用 PDO 会降低效率吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持html5模板网!