php - 将 mysqli 转换为 pdo 准备好的语句
问题描述
我无法让我的 pdo 准备好的语句代码来提取记录!只有当我用 MySQLi 代码编写它时。filter_month.php 与下面的两个代码。
filter_month.php--------PDO-Conversion---防止SQL注入不起作用!
<?php
{
include 'db_connection2.php';
$query = " SELECT
g.name as `group`,
COUNT(ar.present) as attended
FROM
attendance_record ar
INNER JOIN
_person p
ON ar.personid = p.id
INNER JOIN
_person_group g
ON ar.groupid = g.id
-- WHERE
AND
year(date) = ? AND month(date) = ?
AND
ar.present = 1
GROUP BY g.name
ORDER BY ar.date, g.name ASC
";
$stmt = $pdo->prepare($query);
$stmt->execute([$_POST["year"]],[$_POST["month"]]);
$stmt->fetchAll(PDO::FETCH_ASSOC);
//-----------------------------Table------------------------------------//
$output .= '
<table class="table table-bordered">
<tr>
<th style="text-align:center;" width=".001%"><font size=2><span>Class</span></th>
<th style="text-align:center;" width=".001%"><font size=2><span>Attended</span></th>
</tr>
';
foreach($stmt as $row)
{
$output .= '
<tr>
<td style="text-align:center;">' . $row['group'] . '</td>
<td style="text-align:center;">' . $row['attended'] . '</td>
</tr>
';
}
$output .= '</table>'; }
$pdo=null;
// By this way you can close connection in PDO.
?>
filter_month.php -----mysqli-----此代码有效!
<?php
{
include 'db_connection.php';
$query = " SELECT
g.name as `group`,
COUNT(ar.present) as attended
FROM
attendance_record ar
INNER JOIN
_person p
ON ar.personid = p.id
INNER JOIN
_person_group g
ON ar.groupid = g.id
-- WHERE
AND
YEAR(date) = '".$_POST["year"]."'
AND
Month(date) = '".$_POST["month"]."'
AND
ar.present = 1
GROUP BY g.name
ORDER BY ar.date, g.name ASC
";
$result = mysqli_query($conn, $query);
$conn->close();
//-----------------------------Table------------------------------------//
$output .= '
<table class="table table-bordered">
<tr>
<th style="text-align:center;" width=".001%"><font size=2><span>Class</span></th>
<th style="text-align:center;" width=".02%"><font size=2><span>Attended</span></th>
</tr>
';
while($row = mysqli_fetch_array($result))
{
$output .= '
<tr>
<td style="text-align:center;">' . $row['group'] . '</td>
<td style="text-align:center;">' . $row['attended'] . '</td>
</tr>
';
}
$output .= '</table>';
echo $output;
}
?>
我尝试了许多不同的方法来编写代码,但是无法提取记录。刚刚学习pdo。还尝试添加客户端reportmonthpage.php 的图像,但无法弄清楚如何发布图像。
这只是我的 filter_year.php,而不是年份和月份,它可以工作。如果我按照您的建议删除括号,它将不再提取记录。
<?php
{
include 'db_connection2.php';
$query = "SELECT
g.name as `group`,
COUNT(ar.present) as attended
FROM
attendance_record ar
INNER JOIN
_person p
ON ar.personid = p.id
INNER JOIN
_person_group g
ON ar.groupid = g.id
-- WHERE
AND
YEAR(date) = ?
AND
ar.present = 1
";
$stmt = $pdo->prepare($query);
$stmt->execute([$_POST["year"]]);
$result = $query;
$output .= '
<table class="table table-bordered">
<tr>
<th style="text-align:center;" width=".001%"><font size=2><span>Total Year Attendance</span></th>
</tr>
';
foreach($stmt as $row)
{
$output .= '
<tr>
<td style="text-align:center;">' . $row['attended'] . '</td>
</tr>
';
}
$output .= '</table>';
}
$pdo=null;
// By this way you can close connection in PDO.
?>
解决方案
您希望在执行函数中有一个数组,并且您错误地放置了括号,以至于您没有数组。
[$_POST["year"]],[$_POST["month"]]
应该是[$_POST["year"],$_POST["month"]]
创建数组。你有太多的括号。
推荐阅读
- qt - QTreeView,当鼠标悬停在一行上时如何调用动作?
- javascript - 如何使用 JavaScript 切换 CSS 中的类?
- bash - 在用于 greping 文件的 for 循环和使用文件查询 greping 文件之间有什么更快/更好的做法?
- python - 我的代码没有打印“未找到匹配项”,为什么?
- arrays - Swift - 向字典中的数组添加值
- java - 仅从 GitHub API 返回选定的字段
- javascript - 有没有办法可以预览我的 html 文件?
- javascript - 如何使用 i18n 制作具有漂亮 URL 的网站?
- oracle-apex - ords 独立服务器的 oracle apex ssl 配置
- compilation - 如何在 Chromium 中本地执行 AVI 视频?