php

pdo

$link 	= create_connection();
	  try {
			$stmt = $link->prepare("UPDATE repair_event SET	signimg=:signimg where uid=:id");	 
								  
			$stmt->bindParam(':signimg',$signimg);
			$stmt->bindParam(':id',$id);

			$result =  $stmt->execute();
//	$stmt->debugDumpParams();

		}
	catch (PDOException $e) {
		print $e->getMessage();
	}

如果是select的話 以前是
$sql = "SELECT * FROM  XXX  WHERE username='".$account."' AND password='".$password."'"; 
$resultN = $link->query($sql); 
要改為

$sql = "SELECT * FROM  xxx  WHERE username= :account AND  password= :password";  
$statement = $link->prepare($sql); /
$statement->execute(array(
    'account' => $account,
	'password' => $password
));

$Qrows=$statement->fetchALL(PDO::FETCH_ASSOC);

if ($statement->rowCount() != 0){
	foreach ($Qrows as $rows) {
//XXX
	}
}else{
	//帳密錯誤
}

Be the First to comment.

Leave a Comment

發佈留言必須填寫的電子郵件地址不會公開。