[英]How do I achieve this using pdo prepare statement
在 mysqli 服务器中,我使用下面的代码来选择由 url 代码指定的列:
include "init.php";
$get=$_GET["action"];
$sql = mysqli_query($conn, "SELECT * FROM $get ORDER BY id DESC LIMIT 6");
$productCount = mysqli_num_rows($sql); // count the output amount
if ($productCount > 0)
{
while($row = mysqli_fetch_array($sql)){
$id = $row["id"];
$jjode = $row["code"];
$product_name = $row["network"];
$details = $row["details"];
$logo = $row["logo"];
$price = $row["price"];
}
我尝试在我的 pdo 服务器中使用它,如代码:
include "init.php";
$get=$_GET["action"];
$sql = $conn->prepare("SELECT id,code,network,details,logo,price FROM $get ORDER BY id DESC LIMIT 6");
$sql->execute();
$row = $sql->fetchAll();
if(count($row) > 0)
{
$id = $row["id"];
$jjode = $row["code"];
$product_name = $row["network"];
$details = $row["details"];
$logo = $row["logo"];
$price = $row["price"];
}
但它没有输出更好的结果,请我如何使用 pdo 实现这一点,请提前感谢
两个代码清单都不安全。 对 $get 使用白名单。
你应该循环 fetchAll 的结果
$rows = $sql->fetchAll();
foreach ($rows as $row)
{
$id = $row["id"];
$jjode = $row["code"];
$product_name = $row["network"];
$details = $row["details"];
$logo = $row["logo"];
$price = $row["price"];
}
如何在 PHP PDO for MySQL 中准备带有 VARBINARY 的语句?
[英]How do I prepare a statement with VARBINARY in PHP PDO for MySQL?
如何使用正则表达式从 MySQL 查询数据并准备 PDO 语句?
[英]How to query data from MySQL using regex and prepare PDO statement?
我是否需要在每次打开时准备语句,还是只能在PDO PHP SQLite3中准备一次
[英]Do I need to prepare statement on every open or can prepare only once in PDO PHP SQLite3
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.