Php 替换全局$PDO对象以维护安全性
我将connection.php文件设置为:Php 替换全局$PDO对象以维护安全性,php,pdo,Php,Pdo,我将connection.php文件设置为: <?php $dsn='mysql:host=localhost;dbname=sakila'; $hostname='localhost'; $username='root'; $password=''; $PDO_ob = new PDO($dsn, $username, $password); try { $PDO_ob = new PDO($dsn, $username,
<?php
$dsn='mysql:host=localhost;dbname=sakila';
$hostname='localhost';
$username='root';
$password='';
$PDO_ob = new PDO($dsn, $username, $password);
try {
$PDO_ob = new PDO($dsn, $username, $password);
$PDO_ob->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
echo " connection success";
} catch (PDOException $ex) {
echo 'Connection failed: ' . $ex->getMessage();
}
?>
And functions.php as :
<?php
include "../category_prodct_pdo/connection.php";
function get_products(){
global $PDO_ob;
$sql="SELECT * FROM products";
$products=$PDO_ob->query($sql);
return $products;
}
?>
和functions.php作为:
提前感谢您除了评论和建议之外,我还建议使用一个类进行数据库连接,并使用get instance函数
final class DatabaseFactory
{
public $pdo;
public static function Instance()
{
static $inst = null;
if ($inst === null) {
$inst = new DatabaseFactory();
}
return $inst;
}
/**
* Private ctor so nobody else can instantiate it
*
*/
private function __construct()
{
$dsn='mysql:host=localhost;dbname=sakila';
$hostname='localhost';
$username='root'; // avoid connecting with root user
$password='{put password for db connection, it is more secure}';
try {
$this->pdo = new PDO($dsn, $username, $password);
$this->pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
echo " connection success";
} catch (PDOException $ex) {
echo 'Connection failed: ' . $ex->getMessage();
}
}
}
函数get_products($PDO_ob){…}尝试$PDO_ob