www.webdeveloper.com
Results 1 to 5 of 5

Thread: [RESOLVED] PHP's PDO

Threaded View

  1. #1
    Join Date
    Jun 2009
    Location
    Chi town. IL68 ICAO code home airport, literally.
    Posts
    157

    resolved [RESOLVED] PHP's PDO

    So as you may know I am creating a multiple database connect and writing to multiple databases using PHP's PDO set. Im rather new to the whole PDO scene so its a learning curve with me. Here is my code, and below are my questions.
    PHP Code:
    <?php
    require_once('../wp-includes/class-phpass.php');

    //Create var names
    $first_name $_POST['F_Name'];
    $last_name $_POST['L_Name'];
    $phone_number_1 $_POST['Pnumber1'];
    $phone_number_2 $_POST['Pnumber2'];
    $address $_POST['Address'];
    $state $_POST['State'];
    $city $_POST['City'];
    $zip_code $_POST['Zip'];
    $email_1 $_POST['Email1'];
    $email_2 $_POST['Email2'];
    $username $_POST['Uname'];
    $password_1 $_POST['Pass'];
    $jed $_POST['Jednostka'];
    $dob $_POST['DOB'];
    $stopien $_POST['Stopien'];
    $funk $_POST['FUNK'];
    $hasher = new PasswordHash(8True);
    $password $hasher->HashPassword($password_1);
    $ENC =MD5($password_1);
    $ERRmsg "";

            
    //Checks if any feilds were left empty and creates an error message to display
                
    if(empty($first_name)) $ERRmsg .= 'You did not enter a First Name!  Pleaase go back and try again! <br/>';
                if(empty(
    $last_name)) $ERRmsg .= 'You did not enter a Last Name!  Please go back and try again! <br/>';
                if(empty(
    $phone_number_1)) $ERRmsg .= 'You did not enter a Phone Number!  Please go back and try again! <br/>';
                if(empty(
    $address)) $ERRmsg .= 'You did not enter an Address!  Please go back and try again! <br/>';
                if(empty(
    $state)) $ERRmsg .= 'You did not choose a State!  Please go back and try again! <br/>';
                if(empty(
    $city)) $ERRmsg .= 'You did not enter a City!  Please go back and try again! <br/>';
                if(empty(
    $zip_code)) $ERRmsg .= 'You did not enter a Zip Code.  Please go back and try again!<br/>';
                if(empty(
    $email_1)) $ERRmsg .= 'You did not enter a Email.  Please go back and try again!<br/>';
                if(empty(
    $email_2)) $ERRmsg .= 'You did not re-enter you Email.  Please go back and try again!<br/>';
                if(empty(
    $username)) $ERRmsg .= 'You did not enter a Username.  Please go back and try again!<br/>';
                if(empty(
    $password_1)) $ERRmsg .= 'You did not enter a password!  Please go back and try again!<br/>';
                if(empty(
    $jed)) $ERRmsg .= 'You did not choose a Jednostka!  Please go back and try again!<br/>';
                if(empty(
    $dob)) $ERRmsg .= 'You did not enter a Date of Birth!  Please go back and try again!<br/>';
                if(empty(
    $stopien)) $ERRmsg .= 'You did not choose a Stopien!  Please go back and try again!<br/>';
                if(empty(
    $funk)) $ERRmsg .= 'You did not enter a Funkcjia!  Please go back and try again!<br/>';
                if(
    $email_1 !== $email_2$ERRmsg .= 'Your emails did not match!  Please go back and try again!<br/>';
                
                    
    //Checks to see if error message is empty, if empty does rest of code
                    
    if(empty($ERRmsg))
                    {
                        try {
                        
    $wdp = new PDO('mysql:harcerze_central; host=localhost''harcerze_cuser''Czuwaj_99999');
                            echo 
    "Connected to Warta Database</p>\n";
                        
    $wdp->setAttribute(PDO::ATTR_ERRMODEPDO::ERRMODE_EXCEPTION);
                                
    //prepare the SQL statement
                                    
    $wdp_insert $wdp->prepare
                                    
    ("INSERT INTO users( 
                                    ID,
                                    F_NAME,
                                    L_Name,
                                    P_number1,
                                    P_number2,
                                    Address,
                                    City,
                                    State,
                                    Zip,
                                    Email,
                                    username,
                                    password,
                                    Jednostka,
                                    DOB,
                                    Stopien,
                                    Funkcjia,
                                    High,
                                    Active,
                                    user_registered,
                                    user_email,
                                    user_login,
                                    user_pass,
                                    user_nicename,
                                    display_name,
                                    groupID,
                                    prefs_list_item)
                                VALUES (
                                    :id,
                                    :fname,
                                    :lname,
                                    :pnumber1,
                                    :pnumber2,
                                    :address,
                                    :city,
                                    :state,
                                    :zip,
                                    :email,
                                    :username,
                                    :password,
                                    :jednostka,
                                    :DOB,
                                    :Stopien,
                                    :funkcjia,
                                    :jednostka,
                                    :0,
                                    :timestamp,
                                    :email,
                                    :username,
                                    :password,
                                    :CONCAT('
    $First_name', ' ', '$Last_name'),
                                    :CONCAT('
    $First_name', ' ', '$Last_name'),
                                    :auto insert,
                                    :prefs_list_item
                                )"
                                
    );
                                    
                                        
    //Bind the paramaters
                                        
    $wdp_insert->bindParam(':fname'$first_name);
                                        
    $wdp_insert->bindParam(':lname'$last_name);
                                        
    $wdp_insert->bindParam(':pnumber1'$phone_number_1);
                                        
    $wdp_insert->bindParam(':pnumber2'$phone_number_2);
                                        
    $wdp_insert->bindParam(':address'$address);
                                        
    $wdp_insert->bindParam(':city'$city);
                                        
    $wdp_insert->bindParam(':state'$state);
                                        
    $wdp_insert->bindParam(':zip'$zip_code);
                                        
    $wdp_insert->bindParam(':email'$email_1);
                                        
    $wdp_insert->bindParam(':username'$username);
                                        
    $wdp_insert->bindParam(':password'$password);
                                        
    $wdp_insert->bindParam(':jednostka'$jed);
                                        
    $wdp_insert->bindParam(':DOB'$dob);
                                        
    $wdp_insert->bindParam(':Stopien'$stopien);
                                        
    $wdp_insert->bindParam(':funkcjia'$funk);
                                        
                                
    //Execute the prepared statement
                                    
    $wdp_insert->execute();
                                    echo (
    "<p>Insert complete</p>\n");
                        } catch (
    PDOException $ex) {
                        
    $msg $ex->errorInfo;
                        
    error_log(var_export($msgtrue));
                        die(
    "<p>Sorry, there was an unrecoverable database error. Debug data has been logged.</p>");
                        };
                            
                    }
                    else {
                        echo (
    $first_name .' '$ERRmsg);
                        exit;
                    }

    ?>
    So now my questions are as follows:

    1.On the insert I have multiple values, One of them is an ID that has A_I (Auto Incriment) how would I go about leaving that feild blank? The way I did???

    2.I have a feild "Active". That is Automatically 0 untill they confirm their email. Do I simply do :0, or leave that blank?

    3. I have a time stamp that is handeled by the SQL database. So I also leave this blank on the insert?

    4. Im joining two things using a CONCAT, will that work the way i have it set up?

    5. What else do you see that may be incorrect? It seems to me that this DBO way is just easy to inject SQL with. But I think thats just me being used to mysql_real_escape_string.....

    6. And I get an error of "array (0 => 'HY093', 1 => 0,)". Could this be due to the fact of the ID feild?
    Last edited by UAL225; 11-24-2012 at 04:57 PM.
    For want of a nail...the horseshoe was lost. For want of a horseshoe, the steed was lost. For want of a steed...the message was not delivered. For want of an undelivered message.....the war was lost.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles