重写所有我的数据库查询,以便他们准备好并使用PDO(在我使用mysqli之前),以便它们可以防止sql注入。现在我是PDO的新手,所以它可能是一个我没看到的小错误,所以我希望你们可以帮助我,因为这段代码不起作用。
<?php
function getUserBalance($steamid)
{
include 'settings.php';
$conn = new PDO("mysql:host="$servername";dbname="$dbname"", $username, $password);
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$sql = $conn->prepare("SELECT balance FROM users WHERE steamid= :steamid");
$stmt = $conn->prepare($sql);
$stmt->bind_param(":steamid", $steamid, PDO::PARAM_STR);
$stmt->execute();
while($row = $stmt->fetch(PDO::FETCH_ASSOC))
{
return $row['balance'];
}
}
$stmt->close();
?>
答案 0 :(得分:1)
更改此行
compile 'com.android.support:recyclerview-v7:23.2.1'
到此
$conn = new PDO("mysql:host="$servername";dbname="$dbname"", $username, $password);
答案 1 :(得分:1)
Okey现在我把它改成了新的PDO(“mysql:host = $ servername; dbname = $ dbname”,$ username,$ password);移动了$ stmt-&gt; close();在函数(oops)中,并将bind_param更改为bindParam,Thx家伙现在正在使用
<?php
include 'ChromePhp.php';
function getUserBalance($steamid)
{
include 'settings.php';
$db = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$sql = "SELECT balance FROM users WHERE steamid= :steamid";
$stmt = $db->prepare($sql);
$stmt->bindParam(':steamid', $steamid, PDO::PARAM_STR);
$stmt->execute();
while($row = $stmt->fetch(PDO::FETCH_ASSOC))
{
return $row['balance'];
}
$stmt->close();
}
?>