3

我正在远离 mysql 和 mysqli,因为 stackoverflow 上的许多用户一直在说好话。

我已经创建了一个数据库类并对其进行了测试,它可以很好地连接到数据库。我试图更新我准备好的陈述以匹配但是我在不熟悉的领域并最终得到以下错误:

Fatal error: Call to undefined method PDOStatement::bind_param() in E:\xampp\htdocs\imanage\insert.php on line 50

这反映了这一行:

$stmt->bind_param("s", $_POST['email']);

同样在这方面,我得到了数据库连接成功和关闭语句返回给我以及致命错误,例如:

Successfully connected to the database!Successfully connected to the database!Successfully disconnected from the database!

我将解释我想要实现的目标:

  • 在注册用户之前检查数据库中是否存在电子邮件
  • 如果是这样,告诉用户该电子邮件存在
  • 如果不匹配,则将用户插入用户表并加密密码

相关代码如下,如果有人能给我一些指导,我将不胜感激。

索引.php

        <form id="loginForm" method="POST" action="class.Login.php">
        <input type="text" id="email" name="email" placeholder="E-mail">
        <input type="password" id="password" name="password" placeholder="Password" class="showpassword"> 
        <input type="submit" name="submit" value="Log in"></form>

插入.php

public function insert() {

                    $stmt = $this->pdo->prepare("SELECT COUNT(*) FROM users WHERE email=?");
                    $stmt->bind_param("s", $_POST['email']);
                    $stmt->execute();
                    $stmt->bind_result($email_count);
                    $stmt->fetch();//fecth
                    $stmt->close();     

                    if ($email_count > 0) {
                        echo "email exisits! click here to try <a href='register'>again</a>";
                        } else {
                            //escape the POST data for added protection
                            $username = isset($_POST['username']) ? $_POST['username'] : null;
                            $cryptedPassword = crypt($_POST['password']);
                            $password = $cryptedPassword;
                            $name = isset($_POST['name']) ? $_POST['name'] : null;
                            $email = isset($_POST['email']) ? $_POST['email'] : null;
                            $stmta = $this->pdo->prepare("INSERT INTO users (username, password, name, email) VALUES (?, ?, ?, ?)");
                            //var_dump($this->pdo->error);
                            $stmta->bind_param('ssss', $username, $password, $name, $email); // bind strings to the paramater

                                /* execute prepared statement */
                                $stmta->execute();
                                printf("%d Row inserted.\n", $stmta->affected_rows);
                                /* close statement and connection */
                                $stmta->close();
                } // end email_count and insert to table
            } // end function

连接/类.Database.php

<?php

// Database connection PDO

class Database {

    public function __construct() {
        // Connection information
        $host   = 'localhost';
        $dbname = 'imanage';
        $user   = 'root';
        $pass   = '';

        // Attempt DB connection
        try
        {
            $this->pdo = new PDO("mysql:host=$host;dbname=$dbname", $user, $pass);
            $this->pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
            echo 'Successfully connected to the database!';
        }
        catch(PDOException $e)
        {
            echo $e->getMessage();
        }

    }

     public function __destruct()
    {
        // Disconnect from DB
        $this->pdo = null;
        echo 'Successfully disconnected from the database!';
    }


}

$run = new Database();
?>
4

2 回答 2

11

设置bind_param()bindParam().

于 2013-09-09T19:03:38.397 回答
6

一些 PDO 示例

带有绑定参数的示例

$stmt = $this->pdo->prepare("SELECT COUNT(*) FROM users WHERE email=:email");
$stmt->bindParam(":email", $_POST['email']);
$stmt->execute();
$stmt->fetch(PDO::FETCH_ASSOC);

数组示例

$data = array($username, $password, $name, $email); 
$stmta = $this->pdo->prepare("INSERT INTO users (username, password, name, email) VALUES (?, ?, ?, ?)");
$stmta->execute($data);

PDO 教程

于 2013-09-09T16:50:02.917 回答