PDO::exec

(PHP 5 >= 5.1.0, PECL pdo >= 0.1.0)

PDO::exec — Execute an SQL statement and return the number of affected rows

说明

int PDO::exec ( string $statement )

PDO::exec() executes an SQL statement in a single function call, returning the number of rows affected by the statement.

PDO::exec() does not return results from a SELECT statement. For a SELECT statement that you only need to issue once during your program, consider issuing PDO::query(). For a statement that you need to issue multiple times, prepare a PDOStatement object with PDO::prepare() and issue the statement with PDOStatement::execute().

参数

statement

The SQL statement to prepare and execute.

Data inside the query should be properly escaped.

返回值

PDO::exec() returns the number of rows that were modified or deleted by the SQL statement you issued. If no rows were affected, PDO::exec() returns 0.

Warning

此函数可能返回布尔值 FALSE，但也可能返回等同于 FALSE 的非布尔值，例如 0 或 ""(空串)。请阅读布尔类型章节以获取更多信息。应使用 === 运算符来测试此函数的返回值。

The following example incorrectly relies on the return value of PDO::exec(), wherein a statement that affected 0 rows results in a call to die:


<?php
$db->exec() or die(print_r($db->errorInfo(), true));
?>

范例

Example #1 Issuing a DELETE statement

Count the number of rows deleted by a DELETE statement with no WHERE clause.


<?php
$dbh = new PDO('odbc:sample', 'db2inst1', 'ibmdb2');

/* Delete all rows from the FRUIT table */
$count = $dbh->exec("DELETE FROM fruit WHERE colour = 'red'");

/* Return number of rows that were deleted */
print("Deleted $count rows.\n");
?>

以上例程会输出：

Deleted 1 rows.

参见

PDO::prepare() - Prepares a statement for execution and returns a statement object
PDO::query() - Executes an SQL statement, returning a result set as a PDOStatement object
PDOStatement::execute() - Executes a prepared statement

PHP手册 - N: Execute an SQL statement and return the number of affected rows

用户评论:

hungry dot rahly at gmail dot com (11-Nov-2010 01:24)

For those that want an exec that handles params like prepare/execute does. You can simulate this with another function <?php class Real_PDO extends PDO { public function execParams($sql, $params) { $stm = $this->prepare($sql); $result = false; if( $stm && $stm->execute($params) ) { $result = $stm->rowCount(); while( $stm->fetch(PDO::FETCH_ASSOC) ) { } } return $result; } } ?> Remember though, if you are doing a lot of inserts, you'll want to do it the manual way, as the prepare statement will speed up when doing multiple executes(inserts). I use this so I can place all my SQL statements in one place, and have auto safe quoting against sql-injections. If you are wondering about the fetch after, remember some databases can return data SELECT-like data from REMOVE/INSERTS. In the case of PostgreSQL, you can have it return you all records that were actually removed, or have the insert return the records after the insert/post field functions, and io trigger fire, to give you normalized data. <?php define("BLAH_INSERT", "INSERT INTO blah (id,data) VALUES(?,?)"); $pdo = new Real_PDO("connect string"); $data = array("1", "2"); $pdo->execParams(BLAH_INSERT, $data); ?>

Anonymous (01-Sep-2010 04:37)

I spent half a day trying to work out why I could not update my sqlite3 database from apache using the PHP PDO driver. I was getting NO error messages at all. I could connect and select data, but not modify it. It wasn't until I added the following line: $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_WARNING); after immediately opening the database, that I got a hint of what was happening. filename: File3 dl_count: 100 ( ! ) Warning: PDO::exec() [pdo.exec.html]: SQLSTATE[HY000]: General error: 8 attempt to write a readonly database in /www/htdocs/test/dl-counter/sqlite-readwrite-test.php on line 76 Call Stack # Time Memory Function Location 1 0.0086 330120 {main}( ) ../sqlite-readwrite-test.php:0 2 0.0273 331240 PDO->exec( ) ../sqlite-readwrite-test.php:76 Affected Rows: '' filename: File3 dl_count: 100 The problem was with the file permissions. As root I could read and write the database from the sqlite3 command line monitor. But Apache was unable to write the database. Changed the permissions to 755 wwwrun:wwrun and it all works OK! Thanks again :)

blah at whatevr dot com (05-Sep-2007 04:07)

You can't use it not only with SELECT statement, but any statement that might return rows. "OPTIMIZE table" is such example (returns some rows with optimization status). If you do, PDO will lock-up with the "Cannot execute queries while other unbuffered queries are active." nonsense.

jon at chem dot umass dot edu (10-May-2007 10:12)

If you do this: <?php $res = $dbh->query("SELECT * FROM sessions WHERE session_id = '$p_sessID'"); $l_records = $res->fetch(PDO::FETCH_ASSOC); if( $l_records ) { // ...update session-data $l_theQuery = "UPDATE sessions SET session_expires='$newExp', session_data='$p_sessData' WHERE session_id='$p_sessID'"; echo $l_theQuery; $l_stmt = $this->db->prepare($l_theQuery); if ( $l_stmt ) { $l_rows = $l_stmt->execute(); } } ?> You will get nothing. But do this: <?php $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_WARNING); ?> Prior to the code above, you will get this: "PDO::prepare(): SQLSTATE[HY000]: General error: 2014 Cannot execute queries while other unbuffered queries are active. Consider using PDOStatement::fetchAll(). Alternatively, if your code is only ever going to run against mysql, you may enable query buffering by setting the PDO::MYSQL_ATTR_USE_BUFFERED_QUERY attribute." So, instead of fetch(), use fetchAll(), it will make you less insane. Incidentally, the INSERT statement that I was issuing, if the record that I needed to update didn't yet exist, after the initial fetch() command worked perfectly. Changing to fetchAll() fixed it.

roberto at spadim dot com dot br (19-Dec-2006 07:47)

this function don't execute multi_query to get it see SQLITE_EXEC comments there is an pereg function that get all queries and execute all then an return the last one

soletan at toxa dot de (29-Aug-2006 09:40)

It's worth noting here, that - in addition to the hints given in docs up there - using prepare, bind and execute provides more benefits than multiply querying a statement: performance and security! If you insert some binary data (e.g. image file) into database using INSERT INTO ... then it may boost performance of parsing your statement since it is kept small (a few bytes, only, while the image may be several MiBytes) and there is no need to escape/quote the file's binary data to become a proper string value. And, finally and for example, if you want to get a more secure PHP application which isn't affectable by SQL injection attacks you _have to_ consider using prepare/execute on every statement containing data (like INSERTs or SELECTs with WHERE-clauses). Separating the statement code from related data using prepare, bind and execute is best method - fast and secure! You don't even need to escape/quote/format-check any data.

david at acz dot org (10-Feb-2006 12:39)

This function cannot be used with any queries that return results. This includes SELECT, OPTIMIZE TABLE, etc.