将mysqli转换为PDO | PHP-mySQL时出现问题
我目前正在将mySQLi-PHP代码转换为PDO以提高安全性,我在理解如何将下面的代码转换为新的PDO-PHP时遇到了一些困难 下面的代码应该采用最后插入的ID(PDO正在插入的ID),并将列idnum设置为NUM(和最后插入的ID) 如何将其转换并添加到PDO中将mysqli转换为PDO | PHP-mySQL时出现问题,php,mysql,mysqli,pdo,Php,Mysql,Mysqli,Pdo,我目前正在将mySQLi-PHP代码转换为PDO以提高安全性,我在理解如何将下面的代码转换为新的PDO-PHP时遇到了一些困难 下面的代码应该采用最后插入的ID(PDO正在插入的ID),并将列idnum设置为NUM(和最后插入的ID) 如何将其转换并添加到PDO中 if (mysqli_query($conn, $sql)) { $last_id = mysqli_insert_id($conn); $sql = "UPDATE Equipment SET idnum = CON
if (mysqli_query($conn, $sql)) {
$last_id = mysqli_insert_id($conn);
$sql = "UPDATE Equipment SET idnum = CONCAT('NUM', '$last_id') WHERE equipment_id = '$last_id'";
mysqli_query($conn, $sql);
echo "New record created successfully. Last inserted ID is: " . last_id;
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}
mysqli_close($conn);
建议在创建相关记录时使用它们,这样您就不会留下孤立记录或没有关系的行。如果您正在寻找类似于
mysqli\u insert\u id($conn)希望将代码添加到以下PDO PHP脚本中PDO完全不同,它是一个插入,另一个是一个更新,我们应该如何将其添加到插入中。$last_id=$conn->lastInsertId()然后$conn->prepare(“更新设备集idnum=CONCAT('NUM',:last\u id\u 0),其中设备id=:last\u id\u 1”)->执行(['last\u id\u 0'=>$last\u id,'last\u id\u 1'=>$last\u id])键/占位符必须是唯一的。但如果它们在一起,我也会使用事务和try-catch块:-/为什么您认为PDO会给您带来更好的安全性?它是预先准备好的语句,可以为您提供更好的安全性,您可以将它们与mysqli_*()
一起使用,因为您不能使用相同的命名占位符2x,所以您可以使用last_id_0
和last_id_1
。请参见准备仿真PDO::ATTR\u仿真\u PREPARES=>false
您不能多次使用同一占位符。你可以给它起个别的名字,我就是懒。换句话说,您不能按原样使用:last_id
两次。。。
$hostdb = 'localhost';
$namedb = 'dbname';
$userdb = 'userdb';
$passdb = 'passdb';
$charset = 'utf8';
if (isset($_POST['name'], $_POST['place'], $_POST['person'] , $_POST['number'] , $_POST['other_name'])) {
// Connect and create the PDO object
$options = [
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::ATTR_EMULATE_PREPARES => false,
];
$conn = new PDO("mysql:host=$hostdb;dbname=$namedb;charset=$charset", $userdb, $passdb, $options);
$stmt = $conn->prepare( ' INSERT INTO `Table1` (name, place, person, number, other_name, progress)
VALUES (:name,:place,:person,:number,:other_name, "Done") ' );
$stmt->execute([
'name' => $_POST['name'],
'place' => $_POST['place'],
'person' => $_POST['person'],
'number' => $_POST['number'],
'other_name' => $_POST['other_name'],
]);
// Shows the number of affected rows
echo 'Affected rows : '. $stmt->rowCount();
}
$hostdb = 'localhost';
$namedb = 'dbname';
$userdb = 'userdb';
$passdb = 'passdb';
$charset = 'utf8';
if (isset($_POST['name'], $_POST['place'], $_POST['person'] , $_POST['number'] , $_POST['other_name'] )) {
// Connect and create the PDO object
$options = [
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::ATTR_EMULATE_PREPARES => false,
];
$conn = new PDO("mysql:host=$hostdb;dbname=$namedb;charset=$charset", $userdb, $passdb, $options);
try{
//start a transaction {ACID}
$conn->beginTransaction();
$stmt = $conn->prepare('INSERT INTO `Table1` (`name`, `place`, `person`, `number`, `other_name`, `progress`)
VALUES (:name,:place,:person,:number,:other_name, "Done") ' );
$stmt->execute([
'name' => $_POST['name'],
'place' => $_POST['place'],
'person' => $_POST['person'],
'number' => $_POST['number'],
'other_name' => $_POST['other_name'],
]);
//get the last insert ID
$last_id = $conn->lastInsertId();
$stmt = $conn->prepare('UPDATE `Equipment` SET `idnum` = CONCAT("NUM", :last_id_0) WHERE `equipment_id` = :last_id_1');
//named placeholders must be unique
$stmt->execute([
'last_id_0' => $last_id,
'last_id_1' => $last_id
]);
echo "New record created successfully. Last inserted ID is: " . $last_id;
//commit the changes
$conn->commit();
}catch(PDOException $e){
//roll back the changes on errors
$conn->rollback();
echo $e->getMessage();
}
// Shows the number of affected rows this is pointless (for insert 1 row it's always 1 or an error)
//echo 'Affected rows : '. $stmt->rowCount();
}