PDO 上 bind_result 的等价物是什么

2021-12-26 00:00:00 php mysql pdo

我正在使用准备好的语句转换为 PDO 和我,我想绑定我的结果 $stmt->bind_result($email_count); 所以我可以把它放到一个if 语句查看电子邮件是否存在但是我收到错误 Fatal error: Call to undefined method PDOStatement::bind_result() in/Applications/XAMPP/xamppfiles/htdocs/imanage/insert.php on line 51 与前面的示例相关.

I'm converting to PDO and Im using prepared statements, I want to bind my result as so $stmt->bind_result($email_count); so i am able to put this into an if statement to see if the e-mail exists however I am getting the error Fatal error: Call to undefined method PDOStatement::bind_result() in /Applications/XAMPP/xamppfiles/htdocs/imanage/insert.php on line 51 which relates to the previous example.

我猜 bind_result 不是 PDO 定义的方法,所以有我可以使用的等效方法吗?

I'm guessing bind_result is not a PDO defined method, so is there an equivalent I could use?

我的代码如下,以防万一:

My code is below in case it helps:

插入.php

<?php

 include("connect/class.Database.php");

 class Users extends Database {

     public function insert() {

            $stmt = $this->pdo->prepare("SELECT COUNT(*) FROM users WHERE email=:email");
            $stmt->bindParam(":email", $_POST['email']);
            $stmt->bind_result($email_count);
            $stmt->execute();
            $stmt->fetch(PDO::FETCH_ASSOC);

                    if ($email_count > 0) {
                        echo "email exisits! click here to try <a href='register'>again</a>";
                        } else {
                            //escape the POST data for added protection
                            $username = isset($_POST['username']) ? $_POST['username'] : null;
                            $cryptedPassword = crypt($_POST['password']);
                            $password = $cryptedPassword;
                            $name = isset($_POST['name']) ? $_POST['name'] : null;
                            $email = isset($_POST['email']) ? $_POST['email'] : null;

                            $data = array($username, $password, $name, $email); 
                            $stmta = $this->pdo->prepare("INSERT INTO users (username, password, name, email) VALUES (?, ?, ?, ?)");
                            $stmta->execute($data);

                                printf("%d Row inserted.
", $stmta->row_count);
                                /* close statement and connection */
                                $stmta->close();
                } // end email_count and insert to table
            } // end function

      }
?>

connect/class.Database.php

connect/class.Database.php

<?php

// Database connection PDO

class Database {

    public function __construct() {
        // Connection information
        $host   = 'localhost';
        $dbname = 'imanage';
        $user   = 'root';
        $pass   = '';

        // Attempt DB connection
        try
        {
            $this->pdo = new PDO("mysql:host=$host;dbname=$dbname", $user, $pass);
            $this->pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
            echo 'Successfully connected to the database!';
        }
        catch(PDOException $e)
        {
            echo $e->getMessage();
        }

    }

     public function __destruct()
    {
        // Disconnect from DB
        $this->pdo = null;
        echo 'Successfully disconnected from the database!';
    }


}

?>

推荐答案

PDO 根本不需要丑陋的 bind_result.

然而你也不需要数数.请避免不必要的操作 - 它们只会无缘无故地膨胀和混淆您的代码.

You do not need an ugly bind_result with PDO at all.

Yet you don't need to count either. Please, avoid unnecessary actions - they only bloat and obfuscate your code for no reason.

首先想想,你需要从查询中得到什么?你真的需要数数吗?不.你真正需要的只是一个标志 - 如果用户存在或不存在.因此,进行查询以返回这样的标志.

Think first, what you need from the query? Do you really need to count? No. What you actually need is just a flag - if user exists or no. So, make a query to return such a flag.

$stmt = $this->pdo->prepare("SELECT 1 FROM users WHERE email=?");
$stmt->execute(array($_POST['email']));
$exists = $stmt->fetchColumn();

代码的所有其他部分也是如此

Same goes for all the other parts of code

//escape the POST data for added protection

你实际上并没有逃避"此代码块中的任何数据且不添加任何保护.然而,我认为将 NULL 作为电子邮件插入绝对没有意义.你确定你真的想要吗?

You don't actually "escape" any data in this code block and add no protection. Yet I see absolutely no point in inserting NULL as email. Are you sure you really want it?

相关文章