Databases
StackOverflow2013
Postsdbo
POHow to successfully rewrite old mysql-php code with deprecated mysql_* functions? Part II
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POHow to successfully rewrite old mysql-php code with deprecated mysql_* functions? Part II
    text
    copied!<p>Continuing from this topic where we explained most problems with PDO <a href="https://stackoverflow.com/questions/10919277/how-to-successfully-rewrite-old-mysql-php-code-with-deprecated-mysql-functions/10920267#10920267">How to successfully rewrite old mysql-php code with deprecated mysql_* functions?</a> now about understanding prepared statements... So in order to get remove mysql_* strings there are some examples so my question for all and other users may this find helpfull which solution is the best ... so example of old "made up* code:</p> <pre><code>in config.php: $db = new dbConn('127.0.0.1', 'root', 'pass', 'people', 'login'); in login.php $db-&gt;selectDb("login"); $query = mysql_query("SELECT * FROM account WHERE id='".$_session["id"]."' LIMIT 1"); $result = mysql_fetch_array($query); </code></pre> <p>$_session["id"] is defined when login actually, so now we have several options to do so:</p> <pre><code>In config.php: $db_people = new PDO('mysql:host=127.0.0.1;dbname=people;charset=UTF-8', 'root', 'pass'); $db_login = new PDO('mysql:host=127.0.0.1;dbname=login;charset=UTF-8', 'root', 'pass'); And in login.php 1): $stmt = $db_login-&gt;prepare("SELECT * FROM account WHERE id=? LIMIT 1"); $stmt-&gt;execute(array($_session["id"])); $results = $stmt-&gt;fetchAll(PDO::FETCH_ASSOC); </code></pre> <p>Or this one is better when exclude query? Or the previous one is better?</p> <pre><code>And in login.php 2): $query = "SELECT * FROM account WHERE id=? LIMIT 1"; $parameters = array($_session["id"]); $statement = $db_login-&gt;prepare($query); $statement-&gt;execute($parameters); $results = $statement-&gt;fetch(PDO::FETCH_ASSOC); </code></pre> <p>And this login form:</p> <pre><code> public function login($user, $password) { global $web, $db; if (!empty($user) &amp;&amp; !empty($password)) { $user = $web-&gt;esc($user); $password = $web-&gt;doHash($user, $password); $db-&gt;selectDb('login'); $qw = mysql_query("SELECT * FROM account WHERE username='".$user."' AND pass_hash='".$password."'"); if (mysql_num_rows($qw) &gt; 0) { $result = mysql_fetch_array($qw); $_session['name'] = $result['username']; $_session['id'] = $result['id']; return true; } else return false; } else return false; } </code></pre> <p>Transfered into this form:</p> <pre><code> public function login($user, $password) { global $web, $db_login; if (!empty($user) &amp;&amp; !empty($password)) { $user = $web-&gt;esc($user); $password = $web-&gt;doHash($user, $password); $stmt = $db_login-&gt;prepare("SELECT * FROM account WHERE username=? AND pass_hash=?"); $stmt-&gt;execute(array($user, $password)); $rows = $stmt-&gt;rowCount(); if ($rows &gt; 0) { $result = $stmt-&gt;fetchAll(PDO::FETCH_ASSOC); $_session['name'] = $result['username']; $_session['id'] = $result['id']; return true; } else return false; } else return false; } </code></pre> <p>Is it ok or again do separate query or maybe do it in complete different way? Thank you all.</p> <p>Also when there is multiple stmt should I use different name for it? For example I use stmt once and make a result1 after I do stmt second with result2 should I choose different name also for stmt variable or only result name is ok to be different?</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload