PHP communicates with MySQL in the following steps:
1. Connect to the MySQL server
2. Send the SQL query
Opening a connection with mysqli_connect
$cxn = mysqli_connect("host","acct","password","dbname")
or die ("message");
$host="localhost";
$user="phpuser";
$password="";
$dbname = "Customer";
$cxn = mysqli_connect($host,$user,$password,$dbname)
or die("Couldn't connect to server.");
$query = "SELECT * FROM Customer";
$result = mysqli_query($cxn,$query)
or die ("Couldn't execute query.");
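For queries that return no data, $result indicates whether the statement executed successfully: true or false.
For queries that return data, $result contains an identifier that points to where the returned data is held.
To reduce errors, single and double quotes are generally used according to the following rules:
Use double quotes around the query string;
Use single quotes around variable names;
Use single quotes around literals.
Examples: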
$query = "SELECT firstName FROM Customer";
$query = "SELECT firstName FROM Customer WHERE lastName='Smith'";
$query = "UPDATE Customer SET lastName='$last_name'";
mysqli_multi_query can execute several query statements at once
$query = "SELECT * FROM Cust;SELECT * FROM OldCust";
mysqli_multi_query($cxn,$query);
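However, allowing multiple statements is insecure. If a query is built from external data, that data must be validated. For example, suppose the user is asked to enter the name of the table to query. If the user enters Friend, then $query = "SELECT * FROM Friend"; but if the user maliciously enters Friend;DELETE TABLE Friend, then $query = "SELECT * FROM Friend;DELETE TABLE Friend"; and this deletes all the data in the table.
Closing the connection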
mysqli_close($cxn);
Selecting a database
mysqli_select_db($cxn,"databasename")
or die ("message");
When mysqli_query() fails, an error message is available, but it is not displayed by default; use mysqli_error($cxn) to display the error.
Example:
$query = "SELECT * FROM Cust";
$result = mysqli_query($cxn,$query)
or die ("Error: ".mysqli_error($cxn));
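Getting the number of returned records
// $_POST[userID] and $password are external data placed directly in the SQL text;
// they must be escaped (see character escaping) before this query is built.
$query = "SELECT * FROM ValidUser
WHERE acct = '$_POST[userID]'
AND password = '$password'";
$result = mysqli_query($cxn,$query);
// mysqli_num_rows is a function, not a variable
$n = mysqli_num_rows($result);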
if($n < 1)
{
echo "User name and password are not valid";
exit();
}
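Getting the auto_increment field of the last inserted record
// date and string values are wrapped in single quotes, following the quoting rules above
$query = "INSERT INTO CustomerOrder (customerID,orderDate) VALUES ($customerID,'$date')";
$result = mysqli_query($cxn,$query);
// ID generated by the INSERT just executed on this connection
$orderID = mysqli_insert_id($cxn);
$query = "INSERT INTO OrderItem (orderID,color,size,price) VALUES ($orderID,'$color','$size',$price)";
$result = mysqli_query($cxn,$query);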
Getting the number of affected rows
$query = "UPDATE Student SET status='pass' WHERE score > 50";
$result = mysqli_query($cxn,$query);
$passed = mysqli_affected_rows($cxn);
echo "$passed students passed";
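Character escaping
magic_quotes_gpc in php.ini is enabled by default in PHP4 and PHP5, but is no longer supported in PHP6. Turning it off is recommended.
// the procedural form takes the connection as its first argument
$lastName = mysqli_real_escape_string($cxn,$lastName);
$lastName = mysqli_real_escape_string($cxn,$_POST['lastName']);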
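The two external-data cases above (the user-supplied table name and the ValidUser login query) handled without building SQL from raw input. This is an added example, not code from the original page; the function names tableFromInput and isValidUser and the $allowedTables list are assumptions made for illustration, and the connection values reuse the page's placeholders.

```php
<?php
// Added example, not from the original page. Connection values reuse the
// page's placeholders; $allowedTables and both function names are assumed.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // throw on errors

// Identifiers cannot be bound as parameters, so user input is checked
// against a fixed allow-list and rejected if it is anything else.
function tableFromInput(string $input, array $allowedTables): string
{
    if (!in_array($input, $allowedTables, true)) {
        throw new InvalidArgumentException("Unknown table name");
    }
    return $input;
}

// Values are bound to placeholders, so quotes or semicolons in them are
// treated as data and cannot change the statement.
function isValidUser(mysqli $cxn, string $acct, string $password): bool
{
    $stmt = mysqli_prepare($cxn,
        "SELECT 1 FROM ValidUser WHERE acct = ? AND password = ?");
    mysqli_stmt_bind_param($stmt, "ss", $acct, $password);
    mysqli_stmt_execute($stmt);
    mysqli_stmt_store_result($stmt);
    $n = mysqli_stmt_num_rows($stmt);
    mysqli_stmt_close($stmt);
    return $n >= 1;
}

$cxn = mysqli_connect("localhost", "phpuser", "", "Customer");
$allowedTables = ["Friend", "Customer"];   // constructed sample list

try {
    // Constructed input matching the page's malicious example.
    $table = tableFromInput("Friend;DELETE TABLE Friend", $allowedTables);
    // mysqli_query runs a single statement; mysqli_multi_query is not used.
    $result = mysqli_query($cxn, "SELECT * FROM `$table`");
} catch (InvalidArgumentException $e) {
    echo "Rejected: ", $e->getMessage(), "\n";
}

$acct = $_POST['userID'] ?? '';
$password = $_POST['password'] ?? '';
if (!isValidUser($cxn, $acct, $password)) {
    echo "User name and password are not valid";
    exit();
}
mysqli_close($cxn);
```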