从抓取URL参数中插入数据 - PHP PDO

时间:2014-11-09 03:26:34

标签: php pdo

例如,我有这个带有特定参数的URL:

http://example.com/index.php?id_user=84759832475

[id_user=**84759832475**]由我自己创建,我已经在我的脚本中声明了它。

$txtemail = strip_tags(isset($_POST['txtemail'])) ? strip_tags($_POST['txtemail']) : '';
$txtemail=strip_tags($txtemail);
$txtname = strip_tags(isset($_POST['txtname'])) ? strip_tags($_POST['txtname']) : '';
$txtname =strip_tags($txtname);
$id_user="84759832475";

$stmt="SELECT * FROM table_name WHERE emailz=:txtemail AND namez=:txtnamez"; 
$pgdata = $myDb->prepare ($stmt);
//bind semua variabel login dalam parameter
$pgdata->bindParam(':txtname', $txtname, PDO::PARAM_STR,31);
$pgdata->bindParam(':txtemail', $txtemail, PDO::PARAM_STR,31);
//eksekusi statemen prepare tadi
$pgdata->execute();
//cek & lihat hasil
//$cekdata = $pgdata->fetchColumn();
if(!$pgdata->rowCount()> 0){
    $pgdata = $myDb->prepare('INSERT INTO table_name (namez,emailz,userid) VALUES (:txtname,:txtemail,?????)');
    $pgdata->execute(array(':namez'=>$txtname, ':emailz'=>$txtemail, ':userid'=>$id_user));

在这种情况下,问号 ?????? 让我对写什么感到困惑。 如果我的英语太糟糕,无法解释这个问题,我很抱歉。

1 个答案:

答案 0 :(得分:1)

只需在其他预准备语句中添加另一个命名占位符,就像其他语句一样:

$txtemail = isset($_POST['txtemail']) ? strip_tags($_POST['txtemail']) : '';
$txtname = isset($_POST['txtname']) ? strip_tags($_POST['txtname']) : '';
$id_user = "84759832475";

$stmt = 'SELECT COUNT(id) AS total FROM table_name WHERE emailz = :txtemail AND namez = :txtnamez'; 
$pgdata = $myDb->prepare($stmt);

$pgdata->bindParam(':txtnamez', $txtname, PDO::PARAM_STR);
$pgdata->bindParam(':txtemail', $txtemail, PDO::PARAM_STR);
$pgdata->execute();

$result = $pgdata->fetch(PDO::FETCH_ASSOC);

if($result['total'] > 0){

    $pgdata = $myDb->prepare('
      INSERT INTO table_name (namez,emailz,userid) 
      VALUES (:txtname, :txtemail, :userid)
    ');
    // just add another named placeholer :userid

    $pgdata->execute(array(':txtname'=> $txtname, ':txtemail'=> $txtemail, ':userid' => $id_user));
}