使用PDO和会话从DB中选择数据

时间:2014-04-12 10:40:01

标签: php mysql session pdo

您好我正在尝试使用会话从我的数据库中选择项目。我想要显示内容的页面是profile.php页面。我可以让用户成功登录并使用表单插入数据。但是,我不确定如何使用PDO和会话选择数据。有人能帮帮我吗?

插入数据的表单(我现在尝试在个人资料页面中显示的数据)。

     require_once 'check.php';

function ArrayBinder(&$pdoStatement, &$array){
    foreach($array as $k=>$v){
        $pdoStatement->bindValue(':'.$k,$v);
    }
}


if(isset($_POST['full_name'])){
    $full_name = $_POST['full_name'];
    $username = $_POST['username'];
    $country = $_POST['country'];
    $bio = $_POST['bio'];
    $stmt = $dtb->prepare("UPDATE users SET full_name=:full_name, username=:username, country=:country, bio=:bio WHERE id=:log_user_id AND username=:log_uname LIMIT 1");
    $arr = array(
        "full_name"     =>  $full_name,
        "username"      =>  $username,
        "bio"           =>  $bio,
        "country"       =>  $country,
        "log_user_id"   =>  $log_user_id,
        "log_uname"     =>  $log_uname
    );
    ArrayBinder($stmt,$arr);
    try{
        $stmt->execute();
        echo "Your info has been updated";
        $dtb = null;
        exit();
    }
    catch(PDOException $e){
        echo $e->getMessage();
        $dtb = null;
        exit();
    }
}

Check_user.php

      session_start();

require("db_connect.php");

$user_is_logged = false;
$log_user_id = "";
$log_uname = "";
$log_pass = "";
if(isset($_SESSION['uid']) && isset($_SESSION['username']) && isset($_SESSION['password'])){
    // LOCAL VARIBALES FOR SESSIONS
    $log_user_id = preg_replace('#[^0-9]#', '', $_SESSION['uid']); // STRIPS EVERYTHING BUT NUMBERS AND REPLACES IT WITH NOTHING
    $log_uname = preg_replace('#[^a-z0-9]#i', '', $_SESSION['username']); // ONLY ALLOWS NUMBERS AND LETTERS 
    $log_pass = preg_replace('#[^a-z0-9]#i', '', $_SESSION['password']); // ONLY ALLOWS NUMBERS AND LETTERS 
    $stmt = $dtb->prepare("SELECT * FROM users WHERE id=:log_user_id");
    $stmt->bindValue(':log_user_id',$log_user_id,PDO::PARAM_INT);
    try{ // IF USER EXSISTS IN SYSTME AND THE SESSIONS ARE ACTIVE THEN THE USER IS LOGGED VAIRABLE WILL BE SET TO TRUE.
        $stmt->execute();
         if($stmt->rowCount() > 0){
             $user_is_logged = true;
         }
    }
    catch(PDOException $e){ // CATCH ERRORS AND RETURN FALSE SO THAT DTB QUERIES AREN'T ECHOED OUT.
        return false;
    }
}else if(isset($_COOKIE['id']) && isset($_COOKIE['username']) && isset($_COOKIE['password'])){
    $_SESSION['uid'] = preg_replace('#[^0-9]#', '', $_COOKIE['id']);
    $_SESSION['username'] = preg_replace('#[^a-z0-9]#i', '', $_COOKIE['username']);
    $_SESSION['password'] = preg_replace('#[^a-z0-9]#i', '', $_COOKIE['password']);
    $log_user_id = $_SESSION['uid'];
    $log_uname = $_SESSION['username'];
    $log_pass = $_SESSION['password'];
    $stmt = $dtb->prepare("SELECT * FROM users WHERE id=:log_user_id LIMIT 1");
    $stmt->bindValue(':log_user_id',$log_user_id,PDO::PARAM_INT);
    try{
        $stmt->execute();
         if($stmt->rowCount > 0){
             $user_is_logged = true;
         }
    }
    catch(PDOException $e){
        return false;
    }
    if($user_is_logged == true){
        $dtb->query("UPDATE users SET lastlog=now() WHERE id='$log_user_id' LIMIT 1");
    }
}

1 个答案:

答案 0 :(得分:1)

$sth = $dtb->prepare("SELECT * FROM `users` WHERE `username`=:username");
$sth->execute(array(
    ':username' => $_SESSION['username']
));

然后,您可以执行fetch()fetchAll()

$result = $sth->fetch();
/** Array ( 
        ['full_name'] => 'John Smith' 
        ['user_name'] => 'iLikePie' 
    ) etc. **/

$result = $sth->fetchAll();    
/** Array ( 
[0] => Array ( 
        ['full_name'] => 'John Smith' 
        ['user_name'] => 'iLikePie'
    ) 
[1] => Array ( 
        ['full_name'] => 'Another Guy With The Same Username' 
        ['user_name'] => 'iLikePie'
    )
) etc. **/

我建议使用fetch(),因为这样只会让您第一个匹配的用户。然后,您可以将查询结果分配给如下变量:

$bio = $result['bio'];

echo $bio;