例如,我的URL末尾带有特殊的参数:
http://example.com/index.php?id_user=84759832475
该值[id_user=**84759832475**]由我自己创建,并且已在脚本中声明了该值。
$txtemail = strip_tags(isset($_POST['txtemail'])) ? strip_tags($_POST['txtemail']) : '';
$txtemail=strip_tags($txtemail);
$txtname = strip_tags(isset($_POST['txtname'])) ? strip_tags($_POST['txtname']) : '';
$txtname =strip_tags($txtname);
$id_user="84759832475";
$stmt="SELECT * FROM table_name WHERE emailz=:txtemail AND namez=:txtnamez";
$pgdata = $myDb->prepare ($stmt);
//bind semua variabel login dalam parameter
$pgdata->bindParam(':txtname', $txtname, PDO::PARAM_STR,31);
$pgdata->bindParam(':txtemail', $txtemail, PDO::PARAM_STR,31);
//eksekusi statemen prepare tadi
$pgdata->execute();
//cek & lihat hasil
//$cekdata = $pgdata->fetchColumn();
if(!$pgdata->rowCount()> 0){
$pgdata = $myDb->prepare('INSERT INTO table_name (namez,emailz,userid) VALUES (:txtname,:txtemail,?????)');
$pgdata->execute(array(':namez'=>$txtname, ':emailz'=>$txtemail, ':userid'=>$id_user));
在这种情况下,问号?????? 让我对写什么感到困惑。如果我的英语太糟糕了以至于无法解释这个问题,我感到很抱歉。
只需在其他准备好的语句内添加另一个命名占位符,就像其他语句一样:
$txtemail = isset($_POST['txtemail']) ? strip_tags($_POST['txtemail']) : '';
$txtname = isset($_POST['txtname']) ? strip_tags($_POST['txtname']) : '';
$id_user = "84759832475";
$stmt = 'SELECT COUNT(id) AS total FROM table_name WHERE emailz = :txtemail AND namez = :txtnamez';
$pgdata = $myDb->prepare($stmt);
$pgdata->bindParam(':txtnamez', $txtname, PDO::PARAM_STR);
$pgdata->bindParam(':txtemail', $txtemail, PDO::PARAM_STR);
$pgdata->execute();
$result = $pgdata->fetch(PDO::FETCH_ASSOC);
if($result['total'] > 0){
$pgdata = $myDb->prepare('
INSERT INTO table_name (namez,emailz,userid)
VALUES (:txtname, :txtemail, :userid)
');
// just add another named placeholer :userid
$pgdata->execute(array(':txtname'=> $txtname, ':txtemail'=> $txtemail, ':userid' => $id_user));
}
本文收集自互联网,转载请注明来源。
如有侵权,请联系[email protected] 删除。
我来说两句