FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » Clean PDO-MySQL Statement
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Clean PDO-MySQL Statement [message #177682] Fri, 13 April 2012 11:30 Go to previous message
Alexandra Herzog is currently offline  Alexandra Herzog
Messages: 4
Registered: April 2012
Karma:
Junior Member
Hi everyone,

I am using the PDO with MySQL for the first time and created a statement. Besides from individual input validation (which I always do), I would like to know, if you consider the following to be a clean statement:

That's what I figured from googled examples:

include ("pdoconnect.php");
$stmt = $dbh->prepare("SELECT firstname, name FROM telephonebook WHERE from_work = :workstatus ORDER BY :mywish ASC");
$stmt->bindParam(':workstatus', $n, PDO::PARAM_INT);
$stmt->bindParam(':mywish', $value, PDO::PARAM_STR);
$n = 1; $order = "firstname";
$stmt->execute();

echo "<u>".$stmt->rowCount()."</u>\r\n";
while ($row = $stmt->fetch())
echo $row['firstname']."&nbsp;".$row['name']."<br>";
$stmt->closeCursor();
$dbh = null;


in pdoconnect.php:
-----------------------
try
{ $dbh = new PDO('mysql:host=host1.myhost.com;dbname=mydb1', alex, mypass);
foreach ($dbh->query('SELECT * from FOO') as $row)
{ print_r($row); }
}
catch(PDOException $e)
{ print "Database connection error!<br/>";
die();
}

I tried to prevent SQL injection methods by specifying PDO::PARAM*, and closing the statement and connection properly.

Is this a correct example? Or should I improve something?

Any hints greatly appreciated, since I am about to change all my scripts to this :-)
Thanks, Alex
[Message index]
 
Read Message
Read Message
Read Message
Previous Topic: OOP versus Procedural/Functional
Next Topic: Prep. Statements only in mysql-i?
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Thu Nov 07 19:25:40 GMT 2024

Total time taken to generate the page: 0.03790 seconds