我一直在尝试将mysql语句切换到PDO和Prepared Statements,但却没有得到它。我有一个用户输入数据的表单,这个帖子发布到mysql数据库。我相信我已经想通了,因为它确实有效。这是代码。
$stmt = $dbh->prepare("INSERT INTO info(lakeid, name, size, depth, access, sports, beach, atlantic,
bluegill, brook, brown, catfish, coho, crappie, king, lake, largemouth, muskie,
pike, perch, pumkinseed, rainbow, rock, smallmouth, steelhead, sturgeon, walleye,
comments)
VALUES (:lakeid, :name, :size, :depth, :access, :sports, :beach, :atlantic, :bluegill,
:brook, :brown, :catfish, :coho, :crappie,:king, :lake, :largemouth, :muskie, :pike,
:perch, :pumkinseed, :rainbow, :rock, :smallmouth, :steelhead, :sturgeon, :walleye,
:comments )");
$stmt->bindParam(':lakeid', $lakeid, PDO::PARAM_STR);
$stmt->bindParam(':name', $name, PDO::PARAM_STR);
$stmt->bindParam(':size', $size, PDO::PARAM_STR);
$stmt->bindParam(':depth', $depth, PDO::PARAM_STR);
$stmt->bindParam(':access', $access, PDO::PARAM_STR);
$stmt->bindParam(':sports', $sports, PDO::PARAM_STR);
$stmt->bindParam(':beach', $beach, PDO::PARAM_STR);
$stmt->bindParam(':atlantic', $atlantic, PDO::PARAM_STR);
$stmt->bindParam(':bluegill', $bluegill, PDO::PARAM_STR);
$stmt->bindParam(':brook', $brook, PDO::PARAM_STR);
$stmt->bindParam(':brown', $brown, PDO::PARAM_STR);
$stmt->bindParam(':catfish', $catfish, PDO::PARAM_STR);
$stmt->bindParam(':coho', $coho, PDO::PARAM_STR);
$stmt->bindParam(':crappie', $crappie, PDO::PARAM_STR);
$stmt->bindParam(':king', $king, PDO::PARAM_STR);
$stmt->bindParam(':lake', $lake, PDO::PARAM_STR);
$stmt->bindParam(':largemouth', $largemouth, PDO::PARAM_STR);
$stmt->bindParam(':muskie', $muskie, PDO::PARAM_STR);
$stmt->bindParam(':pike', $pike, PDO::PARAM_STR);
$stmt->bindParam(':perch', $perch, PDO::PARAM_STR);
$stmt->bindParam(':pumkinseed', $pumkinseed, PDO::PARAM_STR);
$stmt->bindParam(':rainbow', $rainbow, PDO::PARAM_STR);
$stmt->bindParam(':rock', $rock, PDO::PARAM_STR);
$stmt->bindParam(':smallmouth', $smallmouth, PDO::PARAM_STR);
$stmt->bindParam(':steelhead', $steelhead, PDO::PARAM_STR);
$stmt->bindParam(':sturgeon', $sturgeon, PDO::PARAM_STR);
$stmt->bindParam(':walleye', $walleye, PDO::PARAM_STR);
$stmt->bindParam(':comments', $comments, PDO::PARAM_STR);
$stmt->execute();
我的问题是将此信息打印回原始页面中的表格。我已经尝试了几个教程,但似乎都没有帮助。对此有任何建议会有所帮助。 非常感谢。
以下是用于将用户输入打印到表格中的已编辑代码。我再也不太了解PDO,但试图防止注射。这实际上将所有正确的输入打印到表中。还有什么我应该担心的吗? 感谢您的回复。
$stm = $dbh->prepare("SELECT * FROM info WHERE lakeid = ?");
$stm->execute(array("$counties"));
$data = $stm->fetchAll();
Print "<table border cellpadding=5>";
Print "<tr><th>Name:</th> <th>Size:</th> <th>Depth:</th> <th>Boat Access:</th> <th>All Sports:</th> <th>Public Beach:</th> <th>Fish Species:</th> <th>Comments:</th></tr>";
foreach($data as $inform )
{
Print "<tr>";
Print " <td>" .$inform['name']."</td> ";
Print "<td>".$inform['size'] . " </td>";
Print " <td>".$inform['depth'] . "</td> ";
Print " <td>".$inform['access'] . "</td> ";
Print " <td>".$inform['sports'] . "</td> ";
Print " <td>".$inform['beach'] . " </td>";
Print" <td>".$inform['atlantic'] ."\n". $inform['bluegill']. "\n". $inform['brook']. "\n". $inform['brown'].
"\n". $inform['catfish']. "\n". $inform['coho']. "\n". $inform['crappie']. "\n". $inform['king']. "\n". $inform['lake'].
"\n". $inform['largemouth']. "\n". $inform['muskie']. "\n". $inform['pike']. "\n". $inform['perch']. "\n". $inform['pumkinseed'].
"\n". $inform['rainbow']. "\n". $inform['rock']. "\n". $inform['smallmouth']. "\n". $inform['steelhead']. "\n". $inform['sturgeon'].
"\n". $inform['walleye']. "</td>";
Print " <td>".$inform['comments'] . "</td> "; "</tr>";
}
Print "</table>";
答案 0 :(得分:0)
我想知道您尝试了哪些教程,但您的检索尝试是针对所有SQL规则的。
$stm = $dbh->prepare("SELECT * FROM info");
$stm->execute();
$data = $stm->fetchAll();
?>
<table>
<? foreach ($data as $row): ?>
<tr>
<? foreach ($row as $value): ?>
<td><?=$value?></td>
<? endforeach ?>
</tr>
<? endforeach ?>
</table>
只是一个例子。我相信你需要一个关于基本SQL的教程。