如何獲取已注冊電子郵件的主鍵ID

Question

我的項目目前正在進行中有問題，這是我的電子郵件控制器，我想獲取在我的數據庫中注冊的電子郵件的ID

      if ($this->getRequest()->isPost()) {

        $formData = $this->getRequest()->getPost();

        if ($form->isValid($formData)) {
        $imail = $form->getValue('email');
            $users = new Application_Model_DbTable_Users();
            $row = $users->fetchRow($users->select('uid')->where('email = ".$imail."'));

        /*  if ($row == 1) {
                    $token = uniqid(mt_rand(), true);
                    $userpass = new Application_Model_DbTable_Password();
                    $userpass->addToken($uid , $token);
                } else { $this->view->errorMessage = "Email not registered"; }
            */
        //$this->emailAction();
        }

我只需要讓id能夠轉移到我的下一個功能，但我也不能這樣做我認為這可能是無關的但我在純PHP上做了這個並且工作正常

       if (isset($_POST['submit'])) {

    $email = $_POST['email'];

    $getemail = mysql_query("SELECT `uid` FROM `users` WHERE `email` ='$email'");

    $resemail = mysql_num_rows($getemail);


        if ($resemail == 0) {

            echo "Email id is not registered";

        }

            $token = uniqid(mt_rand(), true);

            $getoken = mysql_query("INSERT INTO `password_recovery` (`uid`,`token`) VALUES ((SELECT `uid` FROM `users` WHERE `email` = '$email'),'$token') ");

我怎么能在zendframework中做這個邏輯1謝謝

Answer 1

Jehad Keriaki的解決方案是正確的，但不安全。 使用預准備語句語法，例如：

$row = $users->fetchRow($users->select('uid')->where('email = ?', $imail));

它將保護您免受SQL注入攻擊。

Answer 2

嘗試改變

$row = $users->fetchRow($users->select('uid')->where('email = ".$imail."'));

至

$row = $users->fetchRow($users->select('uid')->where('email = "$imail"'));

我認為問題在於點，你仍然可以用作：

$row = $users->fetchRow($users->select('uid')->where('email = "'.$imail.'"'));