|
|
S-157: WordPress WassUp Plugin 'spy.php' Vulnerability
|
|
PDO.EXEC(3) 1 PDO.EXEC(3) PDO
::exec - Execute an SQL statement and return the number of affected rows SYNOPSIS
public int PDO::exec (string $statement) DESCRIPTION
PDO.exec(3) executes an SQL statement in a single function call, returning the number of rows affected by the statement. PDO.exec(3) does not return results from a SELECT statement. For a SELECT statement that you only need to issue once during your program, consider issuing PDO.query(3). For a statement that you need to issue multiple times, prepare a PDOStatement object with PDO.prepare(3) and issue the statement with PDOStatement.execute(3). PARAMETERS
o $statement - The SQL statement to prepare and execute. Data inside the query should be properly escaped. RETURN VALUES
PDO.exec(3) returns the number of rows that were modified or deleted by the SQL statement you issued. If no rows were affected, PDO.exec(3) returns 0. Warning This function may return Boolean FALSE, but may also return a non-Boolean value which evaluates to FALSE. Please read the section on Booleans for more information. Use the === operator for testing the return value of this function. The following example incorrectly relies on the return value of PDO.exec(3), wherein a statement that affected 0 rows results in a call to die(3): <?php $db->exec() or die(print_r($db->errorInfo(), true)); ?> EXAMPLES
Example #1 Issuing a DELETE statement Count the number of rows deleted by a DELETE statement with no WHERE clause. <?php $dbh = new PDO('odbc:sample', 'db2inst1', 'ibmdb2'); /* Delete all rows from the FRUIT table */ $count = $dbh->exec("DELETE FROM fruit WHERE colour = 'red'"); /* Return number of rows that were deleted */ print("Deleted $count rows. "); ?> The above example will output: Deleted 1 rows. SEE ALSO
PDO.prepare(3), PDO.query(3), PDOStatement.execute(3). PHP Documentation Group PDO.EXEC(3)
