Saya perlu menukar pernyataan if pertama kepada pernyataan PDO tetapi saya tidak pasti bagaimana untuk melakukannya. Bolehkah seseorang membantu?
Apabila pengguna menyerahkan borang, saya mahu alamat e-mel mereka ditarik dari jadual pengguna pada pangkalan data ke halaman ini di tapak web, menggunakan $id bernombor yang diberikan kepada mereka semasa mereka mendaftar .
Buat sambungan
Pertama sekali anda perlukan untuk menggantikan sambungan mysqli anda dengan PDO (atau sekurang-kurangnya tambah sambungan PDO bersama mysqli!).
// Define database connection parameters $db_host = "127.0.0.1"; $db_name = "name_of_database"; $db_user = "user_name"; $db_pass = "user_password"; // Create a connection to the MySQL database using PDO $pdo = new pdo( "mysql:host={$db_host};dbname={$db_name}", $db_user, $db_pass, [ PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, PDO::ATTR_EMULATE_PREPARES => FALSE ] );
Mengemas kini kod anda
Pernyataan yang disediakan dengan mysqli dan PDO
Hampir selalu lebih baik menggunakan yang disediakan pernyataan apabila meletakkan data berubah-ubah ke dalam pertanyaan SQL. Ia bukan sahaja lebih selamat (jika data datang daripada sebarang jenis input yang dijana oleh pengguna) tetapi ia juga menjadikannya lebih mudah dibaca dan lebih mudah dijalankan berbilang kali dengan nilai yang berbeza.
Pertanyaan yang disediakan dengan mysqli :
$sql = "SELECT column1, column2 FROM table WHERE column3 = ? AND column4 = ?"; $query = $mysqli->prepare($sql); $query->bind_param("si", $string_condition, $int_condition); $query->execute(); $query->store_result(); $query->bind_result($column1, $column2); $query->fetch(); echo "Column1: {$column1}<br>"; echo "Column2: {$column2}";
Pertanyaan yang disediakan dengan PDO:
$sql = "SELECT column1, column2 FROM table WHERE column3 = ? AND column4 = ?"; $query = $pdo->prepare($sql); $query->execute([$string_condition, $int_condition]); $row = $query->fetchObject(); # $row = $query->fetch(); // Alternative to get indexed and/or associative array echo "Column1: {$row->column1}<br>"; echo "Column2: {$row->column2}";
Kod dikemas kini
// Using the NULL coalescing operator here is shorter than a ternary $id = $_SESSION['u_id'] ?? NULL; if($id) { $sql = "SELECT email FROM users WHERE u_id = ?"; $query = $pdo->prepare($sql); // Prepare the query $query->execute([$id]); // Bind the parameter and execute the query $email = $query->fetchColumn(); // Return the value from the database } // Putting "$email" on a line by itself does nothing for your code. The only // thing it does is generate a "Notice" if it hasn't been defined earlier in // the code. Best use: // - The ternary operator: $email = (isset($email)) ? $email : ""; // - The NULL coalescing operator: $email = $email ?? ""; // - OR initialize it earlier in code, before the first `if`, like: $email = ""; // N.B. Instead of "" you could use NULL or FALSE as well. Basically in this case // anything that equates to BOOL(FALSE); so we can use them in `if` statements // so the following (2 commented lines and 1 uncommented) are effectively // interchangeable. $email = $email ?? ""; # $email = $email ?? FALSE; # $email = $email ?? NULL; // Presumably you will also want to change this function to PDO and prepared statements? // Although it doesn't actually do anything in the code provided? $suggestions = selectAll($table); // Same as with email, we're just going to use the NULL coalescing operator. // Note: in this case you had used the third option from above - I've just // changed it so there is less bloat. $optionOne = $_POST['optionOne'] ?? ""; $optionTwo = $_POST['optionTwo'] ?? ""; $newSuggestion = $_POST['new-suggestion'] ?? ""; // There's no point nesting `if` statements like this when there doesn't appear to be any // additional code executed based on the out come of each statement? Just put it into one. // We now don't need to use empty etc. because an empty, false, or null string all. // equate to FALSE. if($newSuggestion && $id && $email && $optionOne && $optionTwo) { // Not sure why you've made the the table name a variable UNLESS you have multiple tables // with exactly the same columns etc. and need to place in different ones at different // times. Which seems unlikely so I've just put the table name inline. $sql = "INSERT INTO suggestions (user_id, email, option_1, option_2) VALUES (?, ?, ?, ?)"; $query = $pdo->prepare($sql); $query->execute([$id, $email, $optionOne, $optionTwo]); } else{ echo "All options must be entered"; }
Tanpa ulasan:
$id = $_SESSION['u_id'] ?? NULL; if($id) { $sql = "SELECT email FROM users WHERE u_id = ?"; $query = $pdo->prepare($sql); $query->execute([$id]); $email = $query->fetchColumn(); } $email = $email ?? ""; $suggestions = selectAll($table); $optionOne = $_POST['optionOne'] ?? ""; $optionTwo = $_POST['optionTwo'] ?? ""; $newSuggestion = $_POST['new-suggestion'] ?? ""; if($newSuggestion && $id && $email && $optionOne && $optionTwo) { $sql = "INSERT INTO suggestions (user_id, email, option_1, option_2) VALUES (?, ?, ?, ?)"; $query = $pdo->prepare($sql); $query->execute([$id, $email, $optionOne, $optionTwo]); } else{ echo "All options must be entered"; }
Atas ialah kandungan terperinci Bagaimana untuk menukar pertanyaan MySQL kepada pernyataan yang disediakan oleh PDO dan dapatkan hasilnya?. Untuk maklumat lanjut, sila ikut artikel berkaitan lain di laman web China PHP!