我有一个产品表,其中包含 types_id、mid_types_id 和 sub_types_id。sub_types_id 可以为空。
我的查询是这样的:
public function getProductsByType($types_id, $mid_types_id, $sub_types_id, $limit, $offset) {
$sql = "SELECT * FROM products AS p WHERE p.types_id = :types_id AND p.mid_types_id = :mid_types_id";
if (!empty($sub_types_id)) $sql .= " AND p.sub_types_id = :sub_types";
$sql .= " GROUP BY p.id LIMIT :limit OFFSET :offset";
$this->db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
$query = $this->db->prepare($sql);
$query->bindParam('types_id', $types_id);
$query->bindParam('mid_types_id', $mid_types_id);
if (!empty($sub_types_id)) $query->bindParam('sub_types_id', $sub_types_id);
$query->bindParam('limit', $limit);
$query->bindParam('offset', $offset);
$query->execute();
if ($query->rowCount() > 0)
return $query->fetchAll(PDO::FETCH_ASSOC);
return null;
}
我的表的数据如下:
类型 ID = …
我用 PDO 函数制作了一个简单的登录系统,例如 $user->login。我允许用户在任何情况下都可以使用用户名登录,例如 USER、user。如何在不改变代码本质的情况下使该脚本区分大小写。
<?php
require_once('includes/config.php');
if( $user->is_logged_in() ){ header('Location: topage.php'); }
$message = "";
if(isset($_POST['submit'])){
$username = $_POST['username'];
$password = $_POST['password'];
if($user->login ($username,$password)){
$_SESSION['username'] = $username;
header('Location: topage.php');
exit;
} else {
$error[] = 'Wrong username or password or your account has not been activated.';
}
}
?>
而且我的密码是使用 PDO 命令加盐的
$hashedpassword = $user->password_hash($_POST['password'], PASSWORD_BCRYPT);
登录功能是
public function login($username,$password){
$row = $this->get_user_hash($username);
if($this->password_verify($password,$row['password']) == 1){
$_SESSION['loggedin'] = true;
$_SESSION['username'] = $row['username'];
$_SESSION['memberID'] = $row['memberID'];
return true;
}
}
我收到这样的错误
致命错误:在第 15 行 /Applications/XAMPP/xamppfiles/htdocs/colorlib-search-23/test.php 中找不到类“TableRows”
这是我的代码:
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "test";
try {
$conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$stmt = $conn->prepare("SELECT * FROM users");
$stmt->execute();
// set the resulting array to associative
$result = $stmt->setFetchMode(PDO::FETCH_ASSOC);
foreach(new TableRows(new RecursiveArrayIterator($stmt->fetchAll())) as $k=>$v) {
echo $v;
}
}
catch(PDOException $e) {
echo "Error: " . $e->getMessage();
}
$conn = null;
检查了数据库表的名称和所有复制粘贴的其他代码,但仍然不起作用
$servername = "localhost";
$username = "root";
$password = "";
$dbname = …我正在尝试将类属性动态添加到PDO预处理语句中.为了实现这一点,我需要创建一个数组,它将从类中获取属性,将它们放在一个数组中,并在每个键的开头添加:.然后,用逗号分隔每个键.我最接近实现这一点的是使用:
foreach ($property as $field)
$propertyValues = implode(", :", array_keys($property));
return $propertyValues;
}
它给了我
用户名,:密码
我只需要一种方法来添加:到第一个键,在这种情况下是用户名.看起来就像
:用户名密码
但请记住,我正在尝试使其动态化,以便我可以将其功能扩展到其他类,并且我并不总是会知道第一个数组键是什么.
如果您有兴趣阅读整个班级,请点击此处:
<?php
require_once("../config/main.php");
class Database{
protected static $dbFields = array('username', 'password');
public $dbConnection;
public $tableName = 'users';
public $id;
public $username;
public $password;
public function __construct() {
$this->connect();
}
public function connect(){
try {
$this->dbConnection = new PDO("mysql:host=".DB_SERVER."; dbname=".DB_NAME, DB_USER, DB_PASS);
} catch (PDOException $e) {
echo 'Connection failed: ' . $e->getMessage();
}
}
public function properties() {
$properties = array();
foreach …我试图与PDO一起使用mysql函数FROM_UNIXTIME:
$sth = $dbh->prepare("UPDATE ".DB_PREFIX."_logins SET num_of_trys = num_trys-1,
last_try = FROM_UNIXTIME(:last_try), WHERE username = :username
OR ip = :ip");
$sth->bindParam(':ip', $ip);
$sth->bindParam(':username', $user);
$sth->bindParam(':last_try', $lst);
$sth->execute();
但我收到错误消息.什么是正确的方法呢?
这是错误消息:
Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[42000]:
Syntax error or access violation: 1064 You have an error
in your SQL syntax; check the manual that corresponds to your
MySQL server version for the right syntax to use near
'WHERE username = 'sadas' OR ip = '1834871734'' at line 1'
in …我正在循环一个SQL查询,我想获取该输出并将其保存为字符串变量..这可能吗?
我的循环如下:
foreach ($dbh->query($sql2) as $row2) {
echo $row2['id'];
echo $row2['staff'];
echo $row2['dept'];
}
我想将所有输出保存为一个字符串变量ie $output
感谢社区中的许多人,我一直在尝试将所有内容转换为PDO.我有一个INSERT INTO语句,我尝试转换为PDO,但它没有插入.我也没有收到任何错误.
这是我试图转换的内容:
<?php
session_start();
$con = mysql_connect("host", "username", "password", "DBname");
$username = $_SESSION['username'];
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("dbname", $con);
mysql_query("INSERT INTO badge_status (username, badge1)
VALUES ('$username', 'finished')");
mysql_close($con);
?>
PDO版本
<?php
session_start();
$db = new PDO('mysql:host=hostname;dbname=dbname;charset=UTF-8', 'username', 'password');
$username = $_SESSION['jigowatt']['username'];
$awardFinished = $db->prepare('INSERT INTO badge_status (username, badge1) VALUES ('$username', 'finished')');
?>
谢谢,如果你能抓住正在发生的事情或者可以解决这个问题!
这是我的代码:
class DB {
static $instance;
function get() {
if (self::$instance === null) {
self::$instance = new PDO('mysql:host=localhost;dbname=forum', 'root', 'root');
}
return self::$instance;
}
function getAllUsers() {
$users = array();
$sql = "SELECT * FROM users";
foreach (self::get()->query($sql) as $row) {
$users[] = new User($row);
}
return $users;
}
}
现在我在这里调用getAllUsers函数:
class App {
function showUsers() {
$users = DB::getAllUsers();
}
除了给我一个错误:
警告:为foreach()提供的参数无效
当我正在var_dump上self::get即时得到一个bool(false)
有人能告诉我我做错了什么吗?
如何解决以下错误?
致命错误:在第27行的index.php中调用非对象的成员函数fetch_assoc()调用堆栈:0.0000 644064 1. {main}()index.php:0
这是我到目前为止运行的代码:
$sql = 'SELECT * FROM pm_user WHERE name='.$_SESSION['pmname'].'';
$result = $pdo->query($sql);
$row = $result->fetch_assoc(); // line 27
echo $row['img'];
提前致谢
我有两个选择来存储我的html字符串:
magic_quotes_gpc使用PDO直接关闭并存储它.magic_quotes_gpc并让我的html字符串使用PDO以斜杠存储.然后,使用该函数转换这些斜杠stripslashes(); 我需要知道这两个选择的优缺点,你推荐哪一个?我猜第一选择存在安全威胁.并在第二选择的服务器上加载,但我需要知道专家说的话.