[英]How can I check if a row is empty in mySQL using PDO?
This is how I would normally check for empty results: mysql_fetch_assoc
这通常是我检查空结果的方式:
mysql_fetch_assoc
However, I am using PDO for a client and in this login function, I want to return some text or a number or boolean to say a row was found or not. 但是,我将PDO用于客户端,并且在此登录功能中,我想返回一些文本,数字或布尔值以表示是否找到行。
public function Login ($email,$password)
{
$sqlQuery="SELECT * FROM db_user WHERE email= '".$email."' AND password='".$password." '";
$statement = $this->_dbHandle->prepare($sqlQuery); // prepare a PDO statement
$statement -> execute();
$dataSet= [];
if(mysql_num_rows($statement) == 1){
echo 'login true';
} else {
echo 'login false';
}
Both other answers are essentially unacceptable. 其他两个答案基本上是不可接受的。
And not because they lack cleanness but because they are awfully dangerous 并不是因为它们缺乏清洁度,而是因为它们非常危险
public function Login ($email,$password)
{
$sql="SELECT 1 FROM db_user WHERE email=? AND password=?";
$stmt = $this->_dbHandle->prepare($sql);
$statement -> execute([$email, $password]);
return $stmt->fetchColumn();
}
You should be using prepared statements, not just mimicking them. 您应该使用准备好的语句,而不仅仅是模仿它们。
$sqlQuery="SELECT * FROM db_user WHERE email= '".$email."' AND password='".$password." '";
$statement = $this->_dbHandle->prepare($sqlQuery); // prepare a PDO statement
$statement -> execute();
$rows = $statement ->fetch(PDO::FETCH_ASSOC);
if( ! $rows)
{
die('Empty Records');
}
$sqlQuery= "SELECT * FROM db_user WHERE email= ? AND password= ?";
$statement = $this->_dbHandle->prepare($sqlQuery); // prepare a PDO
// pass parameter to tackle [SQL Injection][1]
$stmt->execute(array($email, $password));
$result = $stmt->fetch();
if( $result ) {
echo "login true";
}else{
echo "login false";
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.