我目前正在将mySQLi PHP代码转换为PDO以提高安全性,并且在理解如何将下面的代码转换并将其实现到新的PDO PHP中时遇到了一些麻烦
下面的代码应使用最后插入的ID(PDO正在插入的ID),并将列idnum设置为等于NUM(和最后插入的ID)。
如何将其转换并添加到PDO?
if (mysqli_query($conn, $sql)) {
$last_id = mysqli_insert_id($conn);
$sql = "UPDATE Equipment SET idnum = CONCAT('NUM', '$last_id') WHERE equipment_id = '$last_id'";
mysqli_query($conn, $sql);
echo "New record created successfully. Last inserted ID is: " . last_id;
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}
mysqli_close($conn);
我想将代码添加到以下PDO PHP脚本中:
$hostdb = 'localhost';
$namedb = 'dbname';
$userdb = 'userdb';
$passdb = 'passdb';
$charset = 'utf8';
if (isset($_POST['name'], $_POST['place'], $_POST['person'] , $_POST['number'] , $_POST['other_name'])) {
// Connect and create the PDO object
$options = [
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::ATTR_EMULATE_PREPARES => false,
];
$conn = new PDO("mysql:host=$hostdb;dbname=$namedb;charset=$charset", $userdb, $passdb, $options);
$stmt = $conn->prepare( ' INSERT INTO `Table1` (name, place, person, number, other_name, progress)
VALUES (:name,:place,:person,:number,:other_name, "Done") ' );
$stmt->execute([
'name' => $_POST['name'],
'place' => $_POST['place'],
'person' => $_POST['person'],
'number' => $_POST['number'],
'other_name' => $_POST['other_name'],
]);
// Shows the number of affected rows
echo 'Affected rows : '. $stmt->rowCount();
}
答案 0 :(得分:1)
我猜想像这样(如果您希望将它们组合在一起):
$hostdb = 'localhost';
$namedb = 'dbname';
$userdb = 'userdb';
$passdb = 'passdb';
$charset = 'utf8';
if (isset($_POST['name'], $_POST['place'], $_POST['person'] , $_POST['number'] , $_POST['other_name'] )) {
// Connect and create the PDO object
$options = [
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::ATTR_EMULATE_PREPARES => false,
];
$conn = new PDO("mysql:host=$hostdb;dbname=$namedb;charset=$charset", $userdb, $passdb, $options);
try{
//start a transaction {ACID}
$conn->beginTransaction();
$stmt = $conn->prepare('INSERT INTO `Table1` (`name`, `place`, `person`, `number`, `other_name`, `progress`)
VALUES (:name,:place,:person,:number,:other_name, "Done") ' );
$stmt->execute([
'name' => $_POST['name'],
'place' => $_POST['place'],
'person' => $_POST['person'],
'number' => $_POST['number'],
'other_name' => $_POST['other_name'],
]);
//get the last insert ID
$last_id = $conn->lastInsertId();
$stmt = $conn->prepare('UPDATE `Equipment` SET `idnum` = CONCAT("NUM", :last_id_0) WHERE `equipment_id` = :last_id_1');
//named placeholders must be unique
$stmt->execute([
'last_id_0' => $last_id,
'last_id_1' => $last_id
]);
echo "New record created successfully. Last inserted ID is: " . $last_id;
//commit the changes
$conn->commit();
}catch(PDOException $e){
//roll back the changes on errors
$conn->rollback();
echo $e->getMessage();
}
// Shows the number of affected rows this is pointless (for insert 1 row it's always 1 or an error)
//echo 'Affected rows : '. $stmt->rowCount();
}
事务就像将数据库更改为假装(如果是INNODB表),那么如果查询之一出错,则两者都会失败。
建议在创建相关记录时使用它们,这样您就不会留下孤立的记录或行,而不会只是在关系之间徘徊。