Php 将pdo替换为mysql问题
我从未使用过pdo,在login.php文件中将mysql_*切换到pdo时遇到了很大困难。是否有任何建议,如何做到这一点,并使我的登录安全注射 Login.php:Php 将pdo替换为mysql问题,php,mysql,pdo,Php,Mysql,Pdo,我从未使用过pdo,在login.php文件中将mysql_*切换到pdo时遇到了很大困难。是否有任何建议,如何做到这一点,并使我的登录安全注射 Login.php: session_start(); $username = $_POST ['username']; $password = $_POST ['password']; if ($username&&$password) { $connect = mysql_connect ("localhost","**
session_start();
$username = $_POST ['username'];
$password = $_POST ['password'];
if ($username&&$password)
{
$connect = mysql_connect ("localhost","**********","***********") or die
("Couldn't connect");
mysql_select_db ("*********") or die ("DataBase does not exist");
$query = mysql_query("SELECT * FROM members WHERE username='$username'");
$numrows = mysql_num_rows ($query);
if ($numrows!=0)
{
while ($row = mysql_fetch_assoc($query))
{
$dbusername = $row['username'];
$dbpassword = $row['password'];
$firstname = $row['FirstName'];
}
if ($username==$dbusername&&$password==$dbpassword&&$numrows>0)
{
$_SESSION['name'] = $firstname;
$_SESSION['username'] = $username;
header( 'Location: admin.php' ) ;
exit;
}
else
echo "Incorrect Password!";
}
else
die ("User Doesn't Exist");
}
else
die("Please try again!");
?>
<?php
$username = 'root';
$password = '';
$maininf = 'mysql:host=localhost;dbname=;charset=utf8';
$db = new PDO($maininf,$username,$password);
?>
这是正确的吗?事实上,这样的转换是一项非常简单的任务。你只是从一个错误的角度来看待它。很可能您只是在使用PDO之前没有学习它。阿克顿:你不是应该在拿到驾照之前学会开车吗?同样的道理,你必须先学习。所以,就像tuts+中的一个,然后通读一遍,然后完成所有的示例和练习。然后试着写一个你自己的简单代码片段,并玩弄一下。从那时起,转换的任务将是小菜一碟 你可以从这里开始 只是为了完整
session_start();
if ($_POST['password'])
{
include 'pdo.php';
$stmt = $pdo->prepare("SELECT * FROM members WHERE username=?");
$stmt->execute([$_POST['username']]);
$row = $stmt->fetch();
if ($row && $row['password'] == $_POST['password'])
{
$_SESSION['user'] = $row;
header( 'Location: admin.php' ) ;
exit;
}
}
die("Please try again!");
你的意思是你想让我把我们的
codePDO