PHP将旧的mysql_query更改为PDO

发布时间：2020-12-13 22:39:33 所属栏目：PHP教程来源：网络整理

导读：我的代码中有一些旧的 mysql_query查询,我想将其转换为PDO,但我很难开始工作. 我原来的代码是： mysql_query("UPDATE people SET price='$price',contact='$contact',fname='$fname',lname='$lname' WHERE id='$id' AND username='$username' ")or die(mysql

我的代码中有一些旧的 mysql_query查询,我想将其转换为PDO,但我很难开始工作.

我原来的代码是：

mysql_query("UPDATE people SET price='$price',contact='$contact',fname='$fname',lname='$lname' WHERE id='$id' AND username='$username' ")
or die(mysql_error());

现在我想：

$sql = "UPDATE people SET price='$price',lname='$lname' WHERE id='$id' AND username='$username'";
$q   = $conn->query($sql) or die("failed!");

但似乎无法让它发挥作用,任何想法？

更新的代码：

$conn = new PDO("mysql:host=$host;dbname=$db",$user,$pass);


 // check if the form has been submitted. If it has,process the form and save it to the   database
 if (isset($_POST['submit']))
 { 
 // confirm that the 'id' value is a valid integer before getting the form data
 if (is_numeric($_POST['id']))
  {
 // get form data,making sure it is valid
 $id = $_POST['id'];
 $fname = mysql_real_escape_string(htmlspecialchars($_POST['fname']));
 $lname = mysql_real_escape_string(htmlspecialchars($_POST['lname']));
 $contact = mysql_real_escape_string(htmlspecialchars($_POST['contact']));
 $price = mysql_real_escape_string(htmlspecialchars($_POST['price']));


 // check that firstname/lastname fields are both filled in
 if ($fname == '' || $lname == '' || $contact == '' || $price == '' )
 {
 // generate error message
 $error = 'ERROR: Please fill in all required fields!';

 //error,display form
 renderForm($id,$fname,$lname,$contact,$price,$error);
 }
 else
 {
 // save the data to the database
 $username = $_SESSION['username'];

 $query = "UPDATE people 
         SET price=?,contact=?,fname=?,lname=? 
          WHERE id=? AND 
                username=?";
$stmt = $db->prepare($query);
$stmt->bindParam(1,$price);
$stmt->bindParam(2,$contact);
$stmt->bindParam(3,$fname);
$stmt->bindParam(4,$lname);
$stmt->bindParam(5,$id);
$stmt->bindParam(6,$username);    
$stmt->execute();


 // once saved,redirect back to the view page
header("Location: view.php"); 
}

有关更多信息,请访问此链接： PHP PDO

根据你的例子,

<?php

    $query = "UPDATE people 
             SET price=?,lname=? 
              WHERE id=? AND 
                    username=?";
    $stmt = $dbh->prepare($query);
    $stmt->bindParam(1,$price);
    $stmt->bindParam(2,$contact);
    $stmt->bindParam(3,$fname);
    $stmt->bindParam(4,$lname);
    $stmt->bindParam(5,$id);
    $stmt->bindParam(6,$username);    
    $stmt->execute();

?>

PDO Prepared statements and stored procedures

（编辑：李大同）

【声明】本站内容均来自网络，其相关言论仅代表作者个人观点，不代表本站立场。若无意侵犯到您的权利，请及时与联系站长删除相关内容!