本文介绍了PHP MySQL PDO查询:使用查询结果填充变量的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我有一个网站可以轻松生成ProFTPD用户.现在,我正在保护我的网站免受sql注入攻击,为此,我正在将所有mysqli查询更改为具有准备好的语句的pdo查询.
I have a website to easily generate ProFTPD users. And now, I am securing my website against sql injection attacks, to do that I am changing all mysqli queries to pdo queries with prepared statements.
但是我仍然找不到,如何将sql查询结果保存在变量中.
But I still couldn't find out, how to save sql query results in variable.
.
.
.
username=$_POST['username'];
.
.
.
$pdo = new PDO('mysql:host=localhost;dbname='db', 'root', 'PW');
$query1= $pdo->prepare('select * from users where userid=:username');
$query1->execute(array('username' => $username));
foreach($query1 as $row)
{
$result= $row->userid;
}
if($result == $username)
{
echo "Username is already taken";
}
当我运行这段代码时,变量$ result是emtpy.
When I run this code, the variable $result is emtpy.
我希望有人能帮助我.
I hope somebody could help me.
先谢谢了.
推荐答案
您应使用PDOStatement :: fetch http://php.net/manual/en/pdostatement.fetch.php
You should use PDOStatement::fetch http://php.net/manual/en/pdostatement.fetch.php
这篇关于PHP MySQL PDO查询:使用查询结果填充变量的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!