将我的所有PHP转换为PDO。有一个发送contractor_id和passwd的表单。然后搜索数据库,如果发现它显示该记录中的选定字段。应该很简单,但要么我错过了什么,要么我有一个类型 - 我无法看到。提前感谢您的帮助。
<html >
<body>
<form action="display.php" method="POST" >
<input name="contractor_id" type="text" />
<input name="passwd" type="text" />
<input name="submit" type="submit" value="Submit" />
</form>
</body>
</html>
<?php
$servername = "localhost";
$username = "searchdb";
$password = "passwd";
$dbname = "dbn";
try {
$conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$stmt = $conn->prepare("SELECT contractor_id, firstname, lastname, address, city, state, zip, email, areacode, phonenumber, ssnumber,
rate, mykey, passwd FROM contractor_keys");
$stmt->execute();
$stmt = $conn->prepare("SELECT * FROM contractor_keys WHERE contractor_id=:contractor_id and passwd=:passwd");
$stmt->bindValue(1, $contractor_id, PDO::PARAM_INT);
$stmt->bindValue(2, $firstname, PDO::PARAM_STR);
$stmt->bindValue(3, $lastname, PDO::PARAM_STR);
$stmt->bindValue(4, $address, PDO::PARAM_STR);
$stmt->bindValue(5, $city, PDO::PARAM_STR);
$stmt->bindValue(6, $state, PDO::PARAM_STR);
$stmt->bindValue(7, $zip, PDO::PARAM_STR);
$stmt->bindValue(8, $email, PDO::PARAM_STR);
$stmt->bindValue(9, $areacode, PDO::PARAM_STR);
$stmt->bindValue(10, $phonenumber, PDO::PARAM_STR);
$stmt->bindValue(11, $ssnumber, PDO::PARAM_STR);
$stmt->bindValue(12, $rate, PDO::PARAM_STR);
$stmt->bindValue(13, $mykey, PDO::PARAM_STR);
$stmt->bindValue(14, $passwd, PDO::PARAM_STR);
$stmt->execute();
$row = $stmt->fetchAll(PDO::FETCH_ASSOC);
echo $row['firstname'].' '.$row['lastname'].' '.$row['address'] .' '.$row['city'].' '.$row['state']
.' '.$row['zip'].' '.$row['areacode'].' '.$row['phonenumber'].' '.$row['ssnumber'].' '.$row['rate']
.' '.$row['mykey'].' '.$row['passwd'];
catch(PDOException $e) {
echo "Error: " . $e->getMessage();
}
$conn = null;
?>
答案 0 :(得分:0)
您可以完全取消第一个查询并执行更类似的操作:
<?php
$servername = "localhost";
$username = "searchdb";
$password = "passwd";
$dbname = "dbn";
try {
$conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$params=array(
':contractor_id' => $_POST['contractor_id'],
':passwd' => $_POST['passwd']
);
$stmt = $conn->prepare("SELECT * FROM contractor_keys WHERE contractor_id=:contractor_id and passwd=:passwd");
$stmt->execute( $params );
$row = $stmt->fetchAll(PDO::FETCH_ASSOC);
echo $row['firstname'].' '.$row['lastname'].' '.$row['address'] .' '.$row['city'].' '.$row['state']
.' '.$row['zip'].' '.$row['areacode'].' '.$row['phonenumber'].' '.$row['ssnumber'].' '.$row['rate']
.' '.$row['mykey'].' '.$row['passwd'];
/*
or perhaps even
echo implode( ' ', $row );
*/
catch(PDOException $e) {
echo "Error: " . $e->getMessage();
}
$conn = null;
?>
例如,以下内容适用于我本地计算机上的其中一个dbs,但它可以正常工作,并且紧跟上面的代码。
$dsn = 'mysql:dbname=stores;host=127.0.0.1';
$user = 'xxx';
$password = 'xxx';
try {
$customer='Alease.Gunderman'; /* static instead of POST var for testing */
$db = new PDO($dsn, $user, $password);
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$sql='select * from customers where cust_name=:cust_name;';
$stmt=$db->prepare( $sql );
$stmt->execute(
array(
':cust_name' => $customer
)
);
$row = $stmt->fetchAll( PDO::FETCH_ASSOC );
echo '<pre>',print_r($row,true),'</pre>';
} catch (PDOException $e) {
echo 'Connection failed: ' . $e->getMessage();
}
输出:
Array
(
[0] => Array
(
[id] => 6
[cust_name] => Alease.Gunderman
)
)
如果您使用原始代码运行一个简单的测试示例,而代码可能位于其他地方 - 或许是一个包含的文件,那么这似乎很可能?