Fatal编程技术网
  • php/
  • 准备好的PHP OOP语句

准备好的PHP OOP语句

php oop

准备好的PHP OOP语句,php,oop,mysqli,prepared-statement,Php,Oop,Mysqli,Prepared Statement,使用PHPOOP和mysqli在产品添加页面上工作,目前我正在准备语句实现,但找不到如何将它们添加到此类代码中的信息 任何指南都将受到重视 代码: 数据库连接类: <?php class DbConfig { private $_host = 'localhost'; private $_username = 'root'; private $_password = 'falcons17'; private $_database = 'scandiw

使用PHPOOP和mysqli在产品添加页面上工作,目前我正在准备语句实现,但找不到如何将它们添加到此类代码中的信息

任何指南都将受到重视

代码:

数据库连接类:

<?php
class DbConfig {    
    private $_host = 'localhost';
    private $_username = 'root';
    private $_password = 'falcons17';
    private $_database = 'scandiweb';

    protected $connection;

    public function __construct()
    {
      if (!isset($this->connection)) {
        $this->connection = new mysqli($this->_host, $this->_username, $this->_password, $this->_database);
        if (!$this->connection) {
          echo 'Cannot connect to database server';
          exit;
        }           
      } 

      return $this->connection;
    }
}
?>
验证和添加过程:

 <?php
//including the database connection file
include_once("classes/Crud.php");
include_once("classes/Validation.php");

$crud = new Crud();
$validation = new Validation();    
if(isset($_POST['Submit'])) {   
    $sku = $crud->prepare_string($_POST['sku']);
    $name = $crud->prepare_string($_POST['name']);
    $price = $crud->prepare_string($_POST['price']);
    $products = $crud->prepare_string($_POST['products']);
    $weight = $crud->prepare_string($_POST['weight']);
    $capacity = $crud->prepare_string($_POST['capacity']);
    $height = $crud->prepare_string($_POST['height']);
    $width = $crud->prepare_string($_POST['width']);
    $length = $crud->prepare_string($_POST['length']);

    $check_int = $validation->is_int($_POST, array('price','weight','capacity','height','width','length'));    
    if ($check_int != null){
      echo $check_int;
    }else {
      $result = $crud->execute("INSERT INTO products(sku,name,price,product_type,weight,capacity,height,width,length) VALUES('$sku','$name','$price','$products','$weight','$capacity','$height','$width','$length')");

      //display success message
      echo "<font color='green'>Data added successfully.";
      echo "<br/><a href='index.php'>View Result</a>";
    }
  }
?>

这是我经常使用的一个类。它从一个单独的.ini文件获取登录名。随时根据您的需要进行更改。请记住,它将关联数组设置为标准数组


class CC_DBV {

private static $mysqlhost; 
private static $mysqluser; 
private static $mysqlpwd; 
public static $mysqldb;
private static $db;
private static $mysqlport;


function __construct() {


    // ini File einlesen
    $globSettings = parse_ini_file(_ROOTV_.'cfg/main.ini',true);

    // Datenbankverbindung
    self::$mysqlhost = $globSettings ['db_settings']['host'];                   // MySQL-Host aus Config Datei
    self::$mysqluser = $globSettings ['db_settings']['db_user'];        // MySQL-User aus Config Datei
    self::$mysqlpwd = $globSettings ['db_settings']['db_pswd'];         // Passwort aus Config Datei
    self::$mysqldb = $globSettings ['db_settings']['db'];                       // Datenbank aus Config Datei
    self::$mysqlport = $globSettings ['db_settings']['port'];                   // Datenbank aus Config Datei

}

public function getInstance( ) { 
        if(!self::$db) { 

            try{

                self::$db = new \PDO( 
                        'mysql:host='.self::$mysqlhost.';dbname='.self::$mysqldb.';port='.self::$mysqlport, 
                        self::$mysqluser, 
                        self::$mysqlpwd, 
                        array( 
                                \PDO::ATTR_PERSISTENT => true, 
                                \PDO::ATTR_ERRMODE => \PDO::ERRMODE_EXCEPTION ,
                                \PDO::ATTR_DEFAULT_FETCH_MODE => \PDO::FETCH_ASSOC,
                                \PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES 'utf8'"
                        ) 
                ); 
                //self::$db->exec("SET NAMES utf8"); 

                return self::$db; 

            }catch (\PDOException $e){
                echo 'Connection failed: ' . $e->getMessage();
            }

        }else{
            return self::$db;
        }

} 


}

要使用它,请执行以下操作:


$conn = new CC_DBV(); // you can use this connection multiple times, it's persistant.
$inst = $conn->getInstance(); // create or get the instance of the opened connection
$stmnt = $inst->prepare("SELECT * FROM tablename WHERE xyz = :VAR1"); // prepare statement with placeholder(s)
$v = array(':VAR1' => 'aValue'); // set up an array with corresponding values
$r1 = $stmnt->execute($v); // execute statement with values
if(!$r1){ echo "PANICMODE";}else{ var_dump($stmnt->fetchAll()));



你看了这张照片了吗?这些部分中的哪一部分不清楚?返回的_构造是无用的,而且_构造不应用于在其受保护的情况下获取外部连接您的脚本是开放的,甚至可以在
MYSQLI_uuu
PDO
API'中使用,如果您准确描述您的问题/错误是什么
prepare\u string
?如果是转义数据,那么我强烈建议您停止这样做,而是使用准备好的/参数化的查询。如果你想要db类的方法,你可能更喜欢使用PDO而不是Mysqli,所以我建议给它一个spin,这是PDO,而不是Mysqli。当然,PDO也有我的偏好。是的,没错。但老实说,现在是2018年。Mysqli应该消失,即使是OOP:)遗憾的是,它不是这样工作的。问题~>解答。这可能被标记为答案,但请相信我,这是一个例外。”Knoop dat tussen je oren',正如我们在荷兰语中所说,它将在未来帮助你。我承认-将他的问题误读为“我如何使用事先准备好的陈述&OOP”。对不起,我建议你!

$conn = new CC_DBV(); // you can use this connection multiple times, it's persistant.
$inst = $conn->getInstance(); // create or get the instance of the opened connection
$stmnt = $inst->prepare("SELECT * FROM tablename WHERE xyz = :VAR1"); // prepare statement with placeholder(s)
$v = array(':VAR1' => 'aValue'); // set up an array with corresponding values
$r1 = $stmnt->execute($v); // execute statement with values
if(!$r1){ echo "PANICMODE";}else{ var_dump($stmnt->fetchAll()));