如何将此PDO代码转换为MySQLi? [英] How do I convert this PDO code to MySQLi?
问题描述
我对PHP和MySQL还是很陌生,我尝试学习如何将代码从PDO更改为MySQLi.它与我在网上找到的登录系统有关的记住我"功能,带有安全令牌和标识符. 我想学习并了解如何将代码从PDO更改为MySQLi.我知道在MySQLi中有一条创建和准备语句,我也必须绑定参数并执行.但是在这种情况下,我还是不知道如何开始.
I'm quite new to PHP and MySQL and I try to learn how to change a code from PDO to MySQLi. Its about a remember me function with a securitytoken and identifier for a login system that I found in the web. I would like to learn and understand how I can change the code from PDO to MySQLi. I know in MySQLi there is a statement create and prepare, also I have to bind parameters and execute. But in this case, I don't know how to start anyway.
$pdo = new PDO('mysql:host=localhost;dbname=dbname', 'root', '');
if (!isset($_SESSION['id']) && isset($_COOKIE['identifier']) &&
isset($_COOKIE['securitytoken'])) {
$identifier = $_COOKIE['identifier'];
$securitytoken = $_COOKIE['securitytoken'];
$statement = $pdo->prepare("SELECT * FROM securitytokens WHERE identifier = ?");
$result = $statement->execute(array($identifier));
$securitytoken_row = $statement->fetch();
if (sha1($securitytoken) !== $securitytoken_row['securitytoken']) {
die('Maybe a stolen securitytoken.');
} else {
//Token was correct
//Set an new token
$neuer_securitytoken = random_string();
$insert = $pdo->prepare("UPDATE securitytokens SET securitytoken = :securitytoken WHERE identifier = :identifier");
$insert->execute(array('securitytoken' => sha1($neuer_securitytoken), 'identifier' => $identifier));
setcookie("identifier", $identifier, time() + (3600 * 24 * 365)); //1 Year valid
setcookie("securitytoken", $neuer_securitytoken, time() + (3600 * 24 * 365)); //1 Year valid
//Loggin the user
$_SESSION['id'] = $securitytoken_row['id'];
}
}
推荐答案
不要这样做! PDO更简单,并提供更多功能.
Don't do it! PDO is simpler and offers more functionality.
如果您只是想学习MySQLi,就应该牢记以下几点:
If you want to do it just to learn MySQLi then you should keep these things in mind:
-
这是您正确打开连接的方式:
This is how you open the connection properly:
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$mysqli = new mysqli($host, $user, $pass, $db);
$mysqli->set_charset($charset);
MySQLi中没有执行绑定.实际上,根本没有价值约束!您只能按引用绑定,并且必须指定值的类型.
There is no bind-in-execute in MySQLi. In fact there is no bind by value at all! You can only bind by reference and you have to specify the type of the value.
$statement = $mysqli->prepare("SELECT * FROM securitytokens WHERE identifier = ?");
$statement->bind_param('i', $identifier); // i for integer; s for string.
$statement->execute();
MySQLi没有命名的占位符,因此您只需要使用位置的占位符.
MySQLi has no named placeholders, so you need to use positional ones only.
$insert = $mysqli->prepare("UPDATE securitytokens SET securitytoken = ? WHERE identifier = ?");
$sha1ResultDueToPassByRef = sha1($neuer_securitytoken);
$insert->bind_param('si', $sha1ResultDueToPassByRef, $identifier);
$insert->execute();
MySQLi的工作原理完全不同,它返回布尔值.要获得与 PDO的fetch()
相同的结果,您需要 get_result()
,然后使用 fetch_array()
或
The fetch
method in MySQLi works totally differently and it returns boolean. To get the same outcome as PDO's fetch()
you would need to get_result()
and then use fetch_array()
or fetch_assoc()
$securitytoken_row = $statement->get_result()->fetch_array();
这篇关于如何将此PDO代码转换为MySQLi?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!