setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
}
catch(PDOException $e) {
echo 'Attenzione errore: '.$e->getMessage();
}
?>
// Legacy connection through the old mysql_* extension.
// NOTE(review): mysql_connect()/mysql_select_db() were removed in PHP 7.0 and offer no
// prepared statements; the PDO examples further down are the replacement.
// NOTE(review): the database name, user and password are hard-coded in the source, so
// anyone who can read this file (repository, backup, pasted notes) gets database access.
// Load them from configuration kept outside the web root or from the environment, and
// rotate any credential that has been shared this way.
$myServer = 'localhost';
$myDB = 'b4wit_site';
$myUser = 'b4wit_brain11';
$myPass = 'tr0ttf0X_11_zdp';
// Neither return value is checked: both calls return false on failure.
$myConnection = mysql_connect($myServer, $myUser, $myPass);
$dbchoose = mysql_select_db($myDB, $myConnection);
?>
*********************************************************************
PDO queries:
1) DB connection:
// NOTE(review): the opening "try {" and the PDO constructor call are missing from this listing.
// Report database errors as PDOException (the default error mode since PHP 8.0; older
// versions stayed silent unless this attribute was set).
setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
}
catch(PDOException $e) {
// NOTE(review): the raw exception text is echoed to the page. A PDOException message can
// name the host, database or user, so log it server-side and show visitors a generic
// error instead — confirm who can see this output.
echo 'Attenzione errore: '.$e->getMessage();
}
?>
2) select query
con ciclo while:
// List every row of `skin`, newest first. The query text is a constant with no external
// input, so there is nothing to bind.
$sql ='SELECT id, titolo, url, immagine, active, data_insert FROM skin WHERE 1 ORDER BY data_insert desc';
$stmt = $db->prepare($sql);
$stmt->execute();
// rowCount() on a SELECT is driver-dependent: PDO only guarantees it for
// INSERT/UPDATE/DELETE. It works with MySQL buffered queries; do not rely on it elsewhere.
$num_rows=$stmt->rowCount();
// Each $row is an associative array keyed by column name. Values read back from the
// database still need context-appropriate escaping (e.g. htmlspecialchars) before they
// are printed into HTML.
while($row=$stmt->fetch(PDO::FETCH_ASSOC)){
}
solo 1 record:
// Fetch a single `skin` row by id. :id is a bound parameter, so the value of $id is sent
// separately from the SQL text and cannot change the structure of the query.
$sql ='SELECT id, titolo, url, immagine, active, data_insert FROM skin WHERE 1 AND id = :id ORDER BY data_insert desc';
$stmt = $db->prepare($sql);
// $id is defined outside this snippet — presumably request input; validate it as an
// integer before use (TODO confirm against the caller).
$stmt->bindParam(':id', $id, PDO::PARAM_INT);
$stmt->execute();
// fetch() returns false when no row matches; check for that before reading $row.
$row=$stmt->fetch(PDO::FETCH_ASSOC);
3) insert query
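// Read the submitted fields. $_REQUEST merges GET, POST and (depending on request_order)
// cookie data, so every value below is untrusted; a missing key raises a warning.
// NOTE(review): no validation or authorisation check is visible in this snippet —
// confirm the surrounding code restricts who may insert rows.
// $id is not used by the INSERT below; it is kept because later code may read it.
$id=$_REQUEST['id'];
$titolo=$_REQUEST['titolo'];
$url=$_REQUEST['url'];
$padding=$_REQUEST['padding'];
$sfondo=$_REQUEST['sfondo'];
$active=$_REQUEST['active'];
// Insert the new skin. All request values are bound parameters and never become part of
// the SQL text. Fixed: the original placeholder list read ":sfondo:active" (missing
// comma), which gave five placeholders for six columns and made the statement fail.
$sql = 'INSERT INTO skin(titolo, url, padding, sfondo, active, data_insert) values(:titolo,:url,:padding,:sfondo,:active,now())';
$stmt = $db->prepare($sql);
$stmt->bindParam(':titolo', $titolo, PDO::PARAM_STR);
$stmt->bindParam(':url', $url, PDO::PARAM_STR);
$stmt->bindParam(':padding', $padding, PDO::PARAM_INT);
$stmt->bindParam(':sfondo', $sfondo, PDO::PARAM_STR);
$stmt->bindParam(':active', $active, PDO::PARAM_INT);
$stmt->execute();
// Id generated for the row just inserted (lastInsertId() returns it as a string).
$id_skin_appena_aggiunto = $db->lastInsertId();
// Second step: store the image name on the new row. $new_name is defined outside this
// snippet — presumably the stored name of an uploaded file; it must be generated
// server-side rather than taken from the client (TODO confirm).
$sql = 'UPDATE skin SET immagine= :new_name WHERE id= :id_skin_appena_aggiunto';
$stmt = $db->prepare($sql);
$stmt->bindParam(':new_name', $new_name, PDO::PARAM_STR);
$stmt->bindParam(':id_skin_appena_aggiunto', $id_skin_appena_aggiunto, PDO::PARAM_STR);
$stmt->execute();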
4) update query
// Update one `skin` row. Every value, including the row id, is a bound parameter; LIMIT 1
// (MySQL syntax) caps the statement at a single row.
// NOTE(review): the variables are assigned outside this snippet (the insert example reads
// them from $_REQUEST). Nothing here checks that the caller may modify row :id — confirm
// that the surrounding code performs authorisation and CSRF protection.
$sql='UPDATE skin SET
titolo= :titolo,
url= :url,
padding= :padding,
sfondo= :sfondo,
active= :active,
updated_at= now()
WHERE id= :id LIMIT 1';
$stmt = $db->prepare($sql);
$stmt->bindParam(':titolo', $titolo, PDO::PARAM_STR);
$stmt->bindParam(':url', $url, PDO::PARAM_STR);
$stmt->bindParam(':padding', $padding, PDO::PARAM_INT);
$stmt->bindParam(':sfondo', $sfondo, PDO::PARAM_STR);
$stmt->bindParam(':active', $active, PDO::PARAM_INT);
$stmt->bindParam(':id', $id, PDO::PARAM_INT);
// After execute(), rowCount() gives the number of rows actually changed (0 when the id
// does not exist or the values were already identical).
$stmt->execute();
5) delete query
// Delete one `skin` row by id; the id is a bound integer parameter and LIMIT 1 (MySQL
// syntax) caps the statement at a single row.
// NOTE(review): this is a destructive action keyed only on $id, which is assigned outside
// this snippet. Confirm the caller is authorised and that the request cannot be triggered
// by a plain link (use POST plus a CSRF token).
$sql='DELETE FROM skin WHERE id=:id LIMIT 1';
$stmt = $db->prepare($sql);
$stmt->bindParam(':id', $id, PDO::PARAM_INT);
$stmt->execute();
------------------
*********************************************************************
//*******************round per season (parametro: id season)
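/**
 * Synchronise the ws_round table with the remote "get_rounds" feed.
 *
 * For every enabled season in ws_seasons this fetches
 * {$path}get_rounds?season_id=<id_season>&{$strAuth}, parses the XML reply and
 * inserts or updates one ws_round row per <round> element.
 *
 * Security: the feed is remote content. Every value taken from it (round_id,
 * name, start_date, end_date) is sent to the database as a bound parameter and
 * is never concatenated into the SQL text, which is what made the earlier
 * version of this function injectable. A season whose feed cannot be fetched
 * or parsed is skipped instead of causing a fatal error.
 *
 * Uses the globals $db (PDO handle), $path (feed base URL) and $strAuth
 * (authentication query string). Echoes one line per row written.
 * NOTE(review): $strAuth travels in the URL, so it can end up in proxy and
 * server logs — confirm the feed is fetched over HTTPS.
 *
 * @return void
 */
function get_rounds(){
    global $db,$path,$strAuth;

    // The date window on inizio/fine is not applied: every enabled season is processed.
    $sql='select id_season, inizio, fine, id_competition from ws_seasons where abilitato="1" ';
    $stmt = $db->prepare($sql);
    $stmt->execute();

    // Statements are prepared once and executed per round with fresh values.
    $sqlCheck='select id from ws_round where id_round = :id_round';
    $sqlInsert='insert into ws_round(id_competition, id_season, id_round, nome, data_inizio, data_fine) values(:id_competition, :id_season, :id_round, :nome, :data_inizio, :data_fine)';
    $sqlUpdate='update ws_round set id_competition = :id_competition, id_season = :id_season, nome = :nome, data_inizio = :data_inizio, data_fine = :data_fine where id_round = :id_round limit 1';
    $stmtC = $db->prepare($sqlCheck);
    $stmtx = $db->prepare($sqlInsert);
    $stmty = $db->prepare($sqlUpdate);

    while($row=$stmt->fetch(PDO::FETCH_ASSOC)){
        // Encode the season id so it cannot alter the query string of the feed URL.
        $file = $path.'get_rounds?season_id='.rawurlencode((string)$row['id_season']).'&'.$strAuth;
        $fp=file_get_contents($file);
        if($fp===false){
            // Feed unreachable for this season: skip it.
            continue;
        }
        // Parsed with libxml defaults; do not add LIBXML_NOENT or LIBXML_DTDLOAD for
        // remote content, as they re-enable external entity processing.
        $xml = simplexml_load_string($fp);
        if($xml===false){
            // Reply is not well-formed XML.
            continue;
        }
        $itemRounds = $xml->xpath('//round');
        if(!is_array($itemRounds)){
            continue;
        }
        foreach($itemRounds as $itemRound){
            // Attributes are SimpleXMLElement objects; cast them to plain strings before binding.
            $roundId=(string)$itemRound['round_id'];
            if($roundId===''){
                // A round without an id cannot be matched to a row.
                continue;
            }
            $values=array(
                ':id_competition' => $row['id_competition'],
                ':id_season' => $row['id_season'],
                ':id_round' => $roundId,
                ':nome' => (string)$itemRound['name'],
                ':data_inizio' => (string)$itemRound['start_date'],
                ':data_fine' => (string)$itemRound['end_date'],
            );

            // Existence test by fetching a row: rowCount() on a SELECT is driver-dependent.
            $stmtC->execute(array(':id_round' => $roundId));
            $exists=($stmtC->fetchColumn()!==false);
            $stmtC->closeCursor();

            // Only the statement template is echoed; feed values are kept out of the
            // output so they cannot inject markup into the page.
            if(!$exists){
                $stmtx->execute($values);
                echo $sqlInsert."\n";
            }
            else{
                $stmty->execute($values);
                echo $sqlUpdate."\n";
            }
        }
    }
}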
—————————————————————————————————————————————
http://www.mrwebmaster.it/php/prepared-statements-pdo_11901.html
—————————————————————————————————————————————
db: babita11_pdo
u: babita11_pdo11
p = -_-.seMmokTeLlL011odigoh3h33..-_-
--------------------------------
- What is PDO? access layer
Why?
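- secure against SQL injection attacks, provided values are passed as bound parameters of prepared statements (a query built by concatenating values into the SQL string is still injectable, even through PDO)
- they are reasonably fast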
- support multiple database servers
- exceptions handling
- object oriented approach
dbname = babita11_pdo
user = babita11_pdo11
pass = _5sSwe.-.is5St1ger_11.2dDe3
Add User To Database
Manage User Privileges
User: babita11_pdo11
Database: babita11_pdo
User “babita11_pdo11” could not be added to the database “babita11_pdo”. (XID m4rv99) Database Error: Can't find any matching row in the user table
// Minimal connection test.
// NOTE(review): this connects as root with a trivial password; an application should use
// a dedicated account limited to its own database, with credentials kept out of the source.
// The PDO constructor throws PDOException when the connection fails. If that exception is
// not caught, the default handler can print a back trace that includes the connection
// arguments, so wrap the call in try/catch and log the error instead of displaying it.
$con = new PDO("mysql:host=localhost;dbname=babita11_pdo","root","root");
// Because a failed connection throws, this test is always true when it is reached.
if($con){
echo "We are connected";
}
—————————————————————————————————————————————
http://www.mrwebmaster.it/php/prepared-statements-pdo_11901.html
—————————————————————————
// Values used by the query (fixed here; in an application they would be user input).
$contatto_cognome = "Pellico";
$contatto_anni_vissuti = 64;
// Prepare the SQL statement: the named placeholders mark where values go, so the query
// structure is fixed before any value is supplied. $connessione is the PDO handle,
// created outside this snippet.
$sql = $connessione->prepare("SELECT nome FROM contatti WHERE cognome = :contatto_cognome AND anni_vissuti = :contatto_anni_vissuti");
// Bind the parameters. bindParam() binds the variable by reference, so the value is read
// when execute() runs. The fourth argument (7) is a length hint that matters only for
// output parameters of stored procedures; it does not validate or truncate the input.
$sql->bindParam(':contatto_cognome', $contatto_cognome, PDO::PARAM_STR, 7);
$sql->bindParam(':contatto_anni_vissuti', $contatto_anni_vissuti, PDO::PARAM_INT);
// Run the statement; rows are then read with fetch()/fetchAll().
$sql->execute();