我正在尝试将所有查询重写为 PDO 格式。目前我正在尝试重写这个函数,但我似乎无法让它工作。
mysql_query 函数
function checkLogin() {
$this->sQuery = "SELECT * FROM users
WHERE gebruikersnaam='" . mysql_real_escape_string($_POST['gebruikersnaam']) . "'
AND wachtwoord = '" . sha1($_POST['wachtwoord']) . "'";
$this->rResult = mysql_query($this->sQuery)
or die("Er is iets misgegaan " . mysql_error());
if (mysql_num_rows($this->rResult) == 1) { // login name was found
$this->aRow = mysql_fetch_assoc($this->rResult);
$_SESSION['gebruiker'] = $this->aRow['voornaam'];
header("location: dashboard.php");
}
}
这就是我对 PDO 的了解:
function checkLoginPDO(){
$connect = new PDO(host, username, password); // Database Connectie maken (De host, username & password zijn in de config.php aan te passen)
$sql = "SELECT * FROM users
WHERE gebruikersnaam='" . mysql_real_escape_string($_POST['gebruikersnaam']) . "'
AND wachtwoord = '" . sha1($_POST['wachtwoord']) . "'";
$value = $connect->prepare($sql); //Een variabele aanmaken die de PDO vast houdt. Vervolgens word de code voorbereid door de prepare functie
$value->execute();
if(mysql_num_rows($value->fetch()) == 1){
$_SESSION['gebruiker'] = $row['voornaam'];
header("location: dashboard.php");
}
}
我在做什么错/忘记了?
提前致谢!