English
English
In PHP, mysqli::stmt_init is a function in the mysqli extension, which is mainly used to initialize a new mysqli_stmt object. This is very important for executing Prepared Statements. By using preprocessing statements, we can avoid security issues such as SQL injection and improve the efficiency of database queries.
In MVC architectures, database operations are usually located in the Model layer. The Model is responsible for processing the acquisition and storage of data, while the Controller layer is responsible for processing user requests and calling the corresponding Model methods. In our case, we will use mysqli::stmt_init for database operations in the Model layer.
Suppose we have a simple user management system where we want to insert user information into the database. Our database table structure is as follows:
CREATE TABLE users (
id INT AUTO_INCREMENT PRIMARY KEY,
username VARCHAR(255) NOT NULL,
email VARCHAR(255) NOT NULL
);
We will create a method at the Model layer to handle the operation of inserting user data.
First, we need to create a database connection class for connecting to the database. Suppose we store the database connection information in a separate class.
class Database {
private $host = 'localhost';
private $username = 'root';
private $password = '';
private $database = 'test_db';
public $conn;
public function __construct() {
$this->conn = new mysqli($this->host, $this->username, $this->password, $this->database);
if ($this->conn->connect_error) {
die("Connection failed: " . $this->conn->connect_error);
}
}
}
Next, we create a UserModel class that handles user-related database operations. Here we will use the mysqli::stmt_init function to initialize the preprocessing statement and insert the user data.
class UserModel {
private $db;
public function __construct() {
$this->db = new Database();
}
public function addUser($username, $email) {
// Initialization preparation statement
$stmt = $this->db->conn->stmt_init();
// Check whether the preparation statement is successful
if ($stmt->prepare("INSERT INTO users (username, email) VALUES (?, ?)")) {
// Bind parameters
$stmt->bind_param("ss", $username, $email);
// Execution statement
if ($stmt->execute()) {
echo "User added successfully!";
} else {
echo "Error: " . $stmt->error;
}
// Close statement
$stmt->close();
} else {
echo "Prepare failed: " . $this->db->conn->error;
}
}
}
In the Controller layer, we perform database operations by calling the UserModel class method. We will take the data entered by the user and pass it to the addUser method.
class UserController {
private $model;
public function __construct() {
$this->model = new UserModel();
}
public function createUser($username, $email) {
// Call UserModel Methods of class insert user data
$this->model->addUser($username, $email);
}
}
Finally, in the front-end page, we provide a simple form for users to enter data. The form data will be submitted to the Model through the Controller layer for database operations.
<form method="POST" action="create_user.php">
<label for="username">Username:</label>
<input type="text" id="username" name="username" required>
<label for="email">Email:</label>
<input type="email" id="email" name="email" required>
<button type="submit">Create User</button>
</form>
In the create_user.php file, we create the user through the Controller:
include 'UserController.php';
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$username = $_POST['username'];
$email = $_POST['email'];
$controller = new UserController();
$controller->createUser($username, $email);
}
In the MVC architecture, correctly using the mysqli::stmt_init function for database operations can improve the security and efficiency of the code. By using preprocessing statements, the risk of SQL injection is avoided and the code is clearer and easier to maintain. In this example, we encapsulate database operations in the Model layer, and the Controller layer is responsible for interacting with the front-end, ensuring the separation of responsibilities of each layer.
In this way, you can handle database operations gracefully in the MVC architecture and provide a good foundation for future expansion.
