0

我想将此查询转换为 pdo :请任何可以提供帮助的人都将不胜感激

function updateonlinesession(){         
if(isset($_SESSION['username']['id'])){
$uid = $_SESSION['username']['id'];
$page = $_SERVER['REQUEST_URI'];
$ip = $_SERVER['REMOTE_ADDR'];
$username = $_SESSION['logged'];

("UPDATE site_user SET dateupdated  = now(),ip = '$ip' WHERE 
username = '".mysql_real_escape_string($_SESSION['username'])."'"); 
}

}
This is What I have tried 
<?php 

function updateonlinesession(){         
if(isset($_SESSION['username']['id'])){
$uid = $_SESSION['username']['id'];
$page = $_SERVER['REQUEST_URI'];
$ip = $_SERVER['REMOTE_ADDR'];
$username = $_SESSION['logged'];

$update =("UPDATE site_user SET dateupdated  = now(),ip = '$ip' WHERE 
username = '"($_SESSION['username'])."'");  
$updated_once= $con->($update);
$updated_once->execute();
}

}
?>
4

1 回答 1

2

PDO 可以将值绑定到参数。像这样:

function updateonlinesession(){         
  if(isset($_SESSION['username']['id'])){
    $uid = $_SESSION['username']['id'];
    $page = $_SERVER['REQUEST_URI'];
    $ip = $_SERVER['REMOTE_ADDR'];
    $username = $_SESSION['logged'];
    $update = "UPDATE site_user SET dateupdated  = now(), ip = ? WHERE username = ?");  
    $updated_once = $con->prepare($update);
    $updated_once->bindParam(1, $ip, PDO::PARAM_STR );
    $updated_once->bindParam(2, $username, PDO::PARAM_STR );
    $updated_once->execute();
  }
}
于 2013-03-02T10:57:46.090 回答