将 mysqli 转换为 pdo 准备好的语句
[英]Convert mysqli to pdo prepared statement
问题描述
I cant get my pdo prepared statement code to pull the records!
我无法获得我的 pdo 准备好的语句代码来提取记录! Only if I write it in MySQLi code.仅当我用 MySQLi 代码编写它时。 filter_month.php with both codes below. filter_month.php 包含以下两个代码。
filter_month.php--------PDO-Conversion---Prevent SQL Injection Not working! filter_month.php--------PDO-Conversion---防止SQL注入不起作用!
<?php
{
include 'db_connection2.php';
$query = " SELECT
g.name as `group`,
COUNT(ar.present) as attended
FROM
attendance_record ar
INNER JOIN
_person p
ON ar.personid = p.id
INNER JOIN
_person_group g
ON ar.groupid = g.id
-- WHERE
AND
year(date) = ? AND month(date) = ?
AND
ar.present = 1
GROUP BY g.name
ORDER BY ar.date, g.name ASC
";
$stmt = $pdo->prepare($query);
$stmt->execute([$_POST["year"]],[$_POST["month"]]);
$stmt->fetchAll(PDO::FETCH_ASSOC);
//-----------------------------Table------------------------------------//
$output .= '
<table class="table table-bordered">
<tr>
<th style="text-align:center;" width=".001%"><font size=2><span>Class</span></th>
<th style="text-align:center;" width=".001%"><font size=2><span>Attended</span></th>
</tr>
';
foreach($stmt as $row)
{
$output .= '
<tr>
<td style="text-align:center;">' . $row['group'] . '</td>
<td style="text-align:center;">' . $row['attended'] . '</td>
</tr>
';
}
$output .= '</table>'; }
$pdo=null;
// By this way you can close connection in PDO.
?>
filter_month.php -----mysqli-----This code works! filter_month.php -----mysqli-----这段代码有效!
<?php
{
include 'db_connection.php';
$query = " SELECT
g.name as `group`,
COUNT(ar.present) as attended
FROM
attendance_record ar
INNER JOIN
_person p
ON ar.personid = p.id
INNER JOIN
_person_group g
ON ar.groupid = g.id
-- WHERE
AND
YEAR(date) = '".$_POST["year"]."'
AND
Month(date) = '".$_POST["month"]."'
AND
ar.present = 1
GROUP BY g.name
ORDER BY ar.date, g.name ASC
";
$result = mysqli_query($conn, $query);
$conn->close();
//-----------------------------Table------------------------------------//
$output .= '
<table class="table table-bordered">
<tr>
<th style="text-align:center;" width=".001%"><font size=2><span>Class</span></th>
<th style="text-align:center;" width=".02%"><font size=2><span>Attended</span></th>
</tr>
';
while($row = mysqli_fetch_array($result))
{
$output .= '
<tr>
<td style="text-align:center;">' . $row['group'] . '</td>
<td style="text-align:center;">' . $row['attended'] . '</td>
</tr>
';
}
$output .= '</table>';
echo $output;
}
?>
I have tried many different ways to write the code but, cant get to pull records.我尝试了许多不同的方法来编写代码,但是无法提取记录。 Just now learning about pdo.刚刚学习pdo。 Also trying to add an image of the client side reportmonthpage.php but cant figure out how to post image.还试图添加客户端 reportmonthpage.php 的图像,但无法弄清楚如何发布图像。
Here is just my filter_year.php, not year and month, and it works.这里只是我的 filter_year.php,而不是年和月,它有效。 If I remove the brackets as you have suggested it wont pull records any longer.如果我按照您的建议删除括号,它将不再提取记录。
<?php
{
include 'db_connection2.php';
$query = "SELECT
g.name as `group`,
COUNT(ar.present) as attended
FROM
attendance_record ar
INNER JOIN
_person p
ON ar.personid = p.id
INNER JOIN
_person_group g
ON ar.groupid = g.id
-- WHERE
AND
YEAR(date) = ?
AND
ar.present = 1
";
$stmt = $pdo->prepare($query);
$stmt->execute([$_POST["year"]]);
$result = $query;
$output .= '
<table class="table table-bordered">
<tr>
<th style="text-align:center;" width=".001%"><font size=2><span>Total Year Attendance</span></th>
</tr>
';
foreach($stmt as $row)
{
$output .= '
<tr>
<td style="text-align:center;">' . $row['attended'] . '</td>
</tr>
';
}
$output .= '</table>';
}
$pdo=null;
// By this way you can close connection in PDO.
?>
2 个解决方案
解决方案1
1 2019-01-11 19:54:57
You want an array in the execute function and you've misplace brackets in such a way that you do not have an array.您希望在 execute 函数中有一个数组,但您将括号放错了位置,以至于您没有数组。
[$_POST["year"]],[$_POST["month"]] should be [$_POST["year"],$_POST["month"]] to create the array. [$_POST["year"]],[$_POST["month"]]应该是[$_POST["year"],$_POST["month"]]来创建数组。 You have too many brackets.你的括号太多了。
解决方案2
-2 2019-01-11 21:35:35
Here is what I came up with that works!这是我想出的作品! I'm sure it must be wrong, but it works!我敢肯定它一定是错的,但它有效!
<?php
{
include 'db_connection2.php';
$query = " SELECT
g.name as `group`,
COUNT(ar.present) as attended
FROM
attendance_record ar
INNER JOIN
_person p
ON ar.personid = p.id
INNER JOIN
_person_group g
ON ar.groupid = g.id
-- WHERE
AND
month(date) = ? AND year(date) = ?
AND
ar.present = 1
GROUP BY g.name
ORDER BY ar.date, g.name ASC
";
$stmt = $pdo->prepare($query);
$stmt->execute([$_POST["month"],$_POST["year"]] );
$result = $query;
//-----------------------------Table------------------------------------//
$output .= '
<table class="table table-bordered">
<div align="center"><font size=4>
Total present (by Class)-------PDO------ Not Working Code</font>
</div>
<tr>
<th style="text-align:center;" width=".001%"><font size=2><span>Class</span></th>
<th style="text-align:center;" width=".001%"><font size=2><span>Attended</span></th>
</tr>
';
foreach($stmt as $row)
{
$output .= '
<tr>
<td style="text-align:center;">' . $row['group'] . '</td>
<td style="text-align:center;">' . $row['attended'] . '</td>
</tr>
';
}
$output .= '</table>'; }
$pdo=null;
// By this way you can close connection in PDO.
?>
Thank you all for your time!谢谢大家的时间!
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.