Php mysql pdo query: fill up variable with query result(Php mysql pdo 查询:用查询结果填充变量)
问题描述
我有一个网站可以轻松生成 ProFTPD 用户.现在,我正在保护我的网站免受 sql 注入攻击,为此,我将所有 mysqli 查询更改为带有准备好的语句的 pdo 查询.
但是我还是没弄明白,如何将sql查询结果保存在变量中.
<预><代码>...用户名=$_POST['用户名'];...$pdo = new PDO('mysql:host=localhost;dbname='db', 'root', 'PW');$query1= $pdo->prepare('select * from users where userid=:username');$query1->execute(array('username' => $username));foreach($query1 作为 $row){$result= $row->userid;}if($result == $username){echo "用户名已被占用";}当我运行这段代码时,变量 $result 是 emtpy.
我希望有人能帮助我.
提前致谢.
你应该使用 PDOStatement::fetch http://php.net/manual/en/pdostatement.fetch.php
I have a website to easily generate ProFTPD users. And now, I am securing my website against sql injection attacks, to do that I am changing all mysqli queries to pdo queries with prepared statements.
But I still couldn't find out, how to save sql query results in variable.
.
.
.
username=$_POST['username'];
.
.
.
$pdo = new PDO('mysql:host=localhost;dbname='db', 'root', 'PW');
$query1= $pdo->prepare('select * from users where userid=:username');
$query1->execute(array('username' => $username));
foreach($query1 as $row)
{
$result= $row->userid;
}
if($result == $username)
{
echo "Username is already taken";
}
When I run this code, the variable $result is emtpy.
I hope somebody could help me.
Thanks in advance.
You should use PDOStatement::fetch http://php.net/manual/en/pdostatement.fetch.php
这篇关于Php mysql pdo 查询:用查询结果填充变量的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持编程学习网!
本文标题为:Php mysql pdo 查询:用查询结果填充变量
基础教程推荐
- YouTube API v3 点赞视频,但计数器不增加 2022-01-01
- PHP 类:全局变量作为类中的属性 2021-01-01
- 如何替换eregi() 2022-01-01
- 在PHP中根据W3C规范Unicode 2022-01-01
- 学说 dbal querybuilder 作为准备好的语句 2022-01-01
- PHP PDO MySQL 查询 LIKE ->多个关键词 2021-01-01
- 如何在 Laravel 5.3 注册中添加动态下拉列表列? 2021-01-01
- 有什么方法可以用编码 UTF-8 而不是 Unicode 返回 PHP`json_encode`? 2021-01-01
- Cron Jobs 调用带有变量的 PHP 脚本 2022-01-01
- 如何在 Laravel 中使用 React Router? 2022-01-01
