php 通过 MSSQL_* 函数连接到 MSSQL 的 PDO
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/14299813/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
PDO To Connect to MSSQL Over MSSQL_* Functions
提问by user1968541
There is a range of mssql_*Which are not in the depreciation process.
其中有一系列mssql_*不在折旧过程中。
They work the same as mysql_*functions; they need to me manually escaped, please find the link to the manual below:
它们的工作方式与mysql_*函数相同;他们需要我手动转义,请在下面找到手册的链接:
http://uk1.php.net/manual/en/book.mssql.php
http://uk1.php.net/manual/en/book.mssql.php
MSSQL_* Functions was apart of php5-mssqlbut have now been moved into php5-sybase
MSSQL_* 函数是分开的,php5-mssql但现在已移入php5-sybase
Furthermore, using PDO for your Database Construct, is available but is experimentalhttp://php.net/manual/en/ref.pdo-dblib.php
此外,将 PDO 用于您的数据库构造,是可用的,但是是实验性的http://php.net/manual/en/ref.pdo-dblib.php
But my overall question, from the fact that PDO/MySQLI is being pushed as main database communication solution, should I stop using the functions mssql_*
但我的总体问题是,从 PDO/MySQLI 被推为主要数据库通信解决方案的事实,我是否应该停止使用这些功能 mssql_*
Or is it possible for:
或者是否有可能:
PDO Connection:
PDO 连接:
$dsn = 'mssql:host=localhost;dbname=testdb';
$user = 'dbuser';
$password = 'dbpass';
try {
$dbh = new PDO($dsn, $user, $password);
} catch (PDOException $e) {
echo 'Connection failed: ' . $e->getMessage();
}
But if this process is still listed as experimental, should developers using Microsoft SQL Serverfor their databases, wait till this extension is stable for MSSQL Servers
但是如果这个过程仍然被列为实验性的,如果开发人员使用Microsoft SQL Server他们的数据库,等到这个扩展对 MSSQL 服务器稳定
So at the end of the day, PDO Extension or MSSQL_* Functions even though they are not depreciated.. If so, why?
因此,归根结底,PDO 扩展或 MSSQL_* 函数即使没有折旧。如果是这样,为什么?
回答by Ben Carey
My Own Opinion
我自己的意见
I have been using PDOto connect to a MSSQLdatabase for over a year now and so far I have found absolutely no issues.
我已经使用PDO连接到MSSQL数据库一年多了,到目前为止我完全没有发现任何问题。
In fact, I looked into using the mssql_*functions before migrating to PDO, and came to the conclusion that they were a much less reliable, not to mention, insecure way of connecting to a MSSQLDatabase.
事实上,我mssql_*在迁移到 之前研究了使用这些函数PDO,并得出结论,它们是一种不太可靠的连接MSSQL数据库的方式,更不用说,不安全的方式。
Logically
逻辑上
From a logical point of view, PDOis also the better option as it only takes a few tweaks to the code in order to change from MSSQLto MySQL.
从逻辑的角度来看,PDO也是更好的选择,因为它只需要对代码进行一些调整即可从 更改MSSQL为MySQL.
I wrote a wrapper class for the PDO class that makes connecting to these databases very easy.
我为 PDO 类编写了一个包装类,使连接到这些数据库变得非常容易。
Consider this as an example:
以这个为例:
<?php
// +------------------------------------------------------------------------+
// | class.mssql.php |
// +------------------------------------------------------------------------+
// | Copyright (c) Company Ltd 2013. All rights reserved. |
// | Version 1.0 |
// | Last modified 30/01/2013 |
// | Email [email protected] |
// | Web http://www.company.co.uk |
// +------------------------------------------------------------------------+
// Make sure the SQL class is included
require_once("class.sql.php");
/*
* Class mssql
*
* @version 1.0
* @author Ben Carey <[email protected]>
* @copyright Company Ltd
*
*/
class mssql extends sql{
/**
* Initialize the object and set/reset all variables
*
* This function is called when the object is constructed
*
* @access private
*/
function __construct(&$memcache){
// Call the sql construct
parent::__construct($memcache);
// Global MsSQL defaults
$this->query_escaper_left = "[";
$this->query_escaper_right = "]";
$this->connection_engine = "sqlsrv";
$this->connection_parameter_host = "server";
$this->connection_parameter_database = "Database";
$this->select_db_function = "db_name()";
}
}
?>
Anything that is unique to MSSQLis defined in this extension and then passed up to the parent class class.sql.php. The beauty of PDO is that the code in the file class.sql.phpdoes not have to be altered in any way to work with any database (or, all the databases that I have tried thus far).
任何独特的东西都MSSQL在这个扩展中定义,然后传递给父类class.sql.php。PDO 的美妙之处在于class.sql.php无需以任何方式更改文件中的代码即可使用任何数据库(或我迄今为止尝试过的所有数据库)。
So all that is needed here is a small extension for each database type and it will work.
所以这里只需要为每个数据库类型做一个小的扩展,它就会起作用。
Whereas, with the native mssql_*functions, if you were to decide to change database for any particular reason, you would have to rewrite everything. Not to mention, you would have to use PDO for MySQL anyway given that the mysql_*functions are now deprecated.
而使用本机mssql_*函数,如果您出于任何特定原因决定更改数据库,则必须重写所有内容。更不用说,鉴于这些mysql_*功能现在已被弃用,您无论如何都必须为 MySQL 使用 PDO 。
My Testing with PDO
我的 PDO 测试
I have been running complex stored procedures, with INPUT PARAMETERS, OUTPUT PARAMETERS, INOUT PARAMETERS, on databases with 100,000,000+ records in them. These have worked absolutely flawlessly, and continue to do so!
我一直在运行复杂的存储过程,其中包含INPUT PARAMETERS, OUTPUT PARAMETERS, INOUT PARAMETERS, 100,000,000+ 条记录的数据库。这些工作绝对完美无瑕,并将继续这样做!
References
参考
Another reason not to use the mssql_*functions is that they are no longer supported on Windows with PHP version 5.3 or later:
不使用这些mssql_*函数的另一个原因是,PHP 5.3 或更高版本的 Windows 不再支持它们:
The SyBase Extension falls under the same category as the mssql_*functions. They are procedural, impractical and not portable at all!
SyBase 扩展与mssql_*函数属于同一类别。它们是程序化的,不切实际的,根本不便携!
Functionality
功能
At a glance, I have noticed that none of these extensions have a function equivalent to the mysql_real_escape_string()function. Whereas, in PDO, there is no need for this
乍一看,我注意到这些扩展中没有一个具有与该mysql_real_escape_string()功能等效的功能。而在 PDO 中,则不需要此
Conclusion
结论
It goes without saying that I am a moral PDO supporter (and this has only come after using it for 1 year!). That is not to say I will not listen to other peoples opinions on the mssql_*functions, it will just be very hard to persuade me, and I think most people, that these functions can even compete the PDO.
不用说,我是 PDO 的道德支持者(这只是在使用它一年后才出现的!)。这并不是说我不会听取其他人对mssql_*功能的意见,只是很难说服我,而且我认为大多数人,这些功能甚至可以与 PDO 竞争。
So to conclude, in my opinion, PDO is the way forward for the following key reasons:
总而言之,在我看来,PDO 是前进的方向,原因如下:
- It is very portable, easy to switch to different databases with minimal code
- It is secure without the need of functions like
mysql_real_escape_string() - It is fast becoming the norm for developers
- If you do not have experience with Object Oriented Programming, then it is an excellent introduction
- It comes pre-installed with most PHP Packages
- It can execute comples queries with ease, including stored procedures
- After benchmarking it with a MySQL database against the old deprecated
mysql_*functions, it has proved to be faster in a lot of cases, if not all cases.- See Here
- 它非常便携,可以用最少的代码轻松切换到不同的数据库
- 它是安全的,不需要像这样的功能
mysql_real_escape_string() - 它正在迅速成为开发人员的常态
- 如果您没有面向对象编程的经验,那么这是一个很好的介绍
- 它预装了大多数 PHP 包
- 它可以轻松地执行完整的查询,包括存储过程
- 在使用 MySQL 数据库针对旧的已弃用
mysql_*函数对其进行基准测试后,事实证明它在很多情况下(如果不是所有情况)都更快。-看这里
I asked a similar question a while back, and the same conclusion was drawn:
不久前我问了一个类似的问题,得出了同样的结论:
回答by Daryl Gill
This could spark up a good debate. I guess the only way to test the stability of the PDO functions towards Microsoft SQL Servers, is to setup your own local testing zone and push the PDO Class to its abilities.
这可能会引发一场很好的辩论。我想测试 PDO 功能对 Microsoft SQL Server 的稳定性的唯一方法是设置您自己的本地测试区域并将 PDO 类推向其能力。
As you said, php5-sybase contains MSSQL Functions and are not in the deprecation process.
正如您所说,php5-sybase 包含 MSSQL 函数,并且不在弃用过程中。
I guess it's down to what the developer feels comfortable with.
我想这取决于开发人员对什么感到满意。
If you're happy with MSSQL_* Functions, then go ahead and use them, but there could be a possibility they will end up getting deprecated from PHP altogether in the near future -- it's happening with MySQL Functions.
如果您对 MSSQL_* 函数感到满意,请继续使用它们,但在不久的将来,它们可能最终会被 PHP 完全弃用——MySQL 函数正在发生这种情况。
Although, if you're looking for a change and new challenges, with added security from SQL Injection, then go ahead and try out the PDO compatibility with MSSQL Servers.
不过,如果您正在寻找变化和新挑战,通过 SQL 注入增加安全性,那么请继续尝试与 MSSQL 服务器的 PDO 兼容性。
It's entirely down to you.
这完全取决于你。
From my preference & and guess many other developers preference, I would say go for the PDO functions. I assume it would work as normal.
根据我的偏好和猜测许多其他开发人员的偏好,我会说选择 PDO 功能。我认为它会正常工作。
<?php
$dsn = 'mssql:host=localhost;dbname=testdb';
$user = 'dbuser';
$password = 'dbpass';
try {
$dbh = new PDO($dsn, $user, $password);
} catch (PDOException $e) {
echo 'Connection failed: ' . $e->getMessage();
}
$Query = $dbh->prepare("SELECT * FROM Tbl WHERE `ID` = :id");
$Query ->bindParam(':id', $ID, PDO::PARAM_INT);
$Query->execute();
// etc..
?>
回答by Sunday Ikpe
PDO is definitely the way to go and for linux users I stongly recommend going with the sybase connector and the the dblib DSN.
PDO 绝对是要走的路,对于 linux 用户,我强烈建议使用 sybase 连接器和 dblib DSN。
For ubuntu users with PHP7 it would be:
对于使用 PHP7 的 ubuntu 用户,它将是:
sudo apt-get install php-sybase freetds-common libsybdb5
And for connecting:
并用于连接:
$db = new PDO("dblib: host=$hostname:$port; dbname=$dbname", $dbuser, $dbpassword);
And you should be good to go.
你应该很高兴去。
回答by Charles Addis
PDO is the obvious choice with security in mind. PDO code is portable - it can be adjusted to send information to a number of databases without having to change the function calls and only changing a few parameters.
PDO 是考虑到安全性的明显选择。PDO 代码是可移植的 - 可以调整它以将信息发送到多个数据库,而无需更改函数调用,只需更改几个参数。
The MSSQL class is not portable the way that PDO is portable.
MSSQL 类不像 PDO 那样可移植。
PDO has excellent support for prepared statements while MSSQL has none. PDO acts as an abstraction layer much like JDBC in Java and is portable. PDO has support for transactions, is better for handling errors
PDO 对准备好的语句有很好的支持,而 MSSQL 没有。PDO 充当抽象层,很像 Java 中的 JDBC,并且是可移植的。PDO 支持事务,更适合处理错误
Hope the answer is obvious!
希望答案是显而易见的!
