If you plan to interpolate PHP variables into the SQL statement, understand
that this is one of the more common security exposures. Consider calling
db2_prepare() to prepare an SQL statement with parameter
markers for input values. Then you can call db2_execute()
to pass in the input values and avoid SQL injection attacks.
If you plan to repeatedly issue the same SQL statement with different
parameters, consider calling db2_prepare() and
db2_execute() to enable the database server to reuse its
access plan and increase the efficiency of your database access.
An SQL statement. The statement cannot contain any parameter markers.
options
An associative array containing statement options. You can use this
parameter to request a scrollable cursor on database servers that
support this functionality.
cursor
Passing the DB2_FORWARD_ONLY value requests a
forward-only cursor for this SQL statement. This is the default
type of cursor, and it is supported by all database servers. It is
also much faster than a scrollable cursor.
Passing the DB2_SCROLLABLE value requests a
scrollable cursor for this SQL statement. This type of cursor
enables you to fetch rows non-sequentially from the database
server. However, it is only supported by DB2 servers, and is much
slower than forward-only cursors.
Возвращаемые значения
Returns a statement resource if the SQL statement was issued successfully,
or FALSE if the database failed to execute the SQL statement.
Примеры
Пример 1. Creating a table with db2_exec()
The following example uses db2_exec() to issue a set
of DDL statements in the process of creating a table.
// Create the test table $create = 'CREATE TABLE animals (id INTEGER, breed VARCHAR(32), name CHAR(16), weight DECIMAL(7,2))'; $result = db2_exec($conn, $create); if ($result) { print "Successfully created the table.\n"; }