Jump to content

I want to use PDO functions instead of mysql_* functions? (e.g. mysql_query(), mysql_connect() or mysql_real_escape_string())? So what should I change about this code so it's PDO?


Bramdon3000
 Share

Recommended Posts

<?php

$con=mysql_connect ("localhost","root","");

if(!$db) {

echo "Unable to establish connection".mysql_error();

}

$db=mysql_select_db ("Water Tower 2000 r",$con);

if(!$db){

 echo "Database not found".mysql_error();

 }

 if (isset ($_POST ['submit'])) {

 $username = $_POST ['username'];

 $password = $_POST ['pwd'];

 $query="select * from login where username= '$username' and password= '$password' and

 type='$type'";

$result=mysql_query($query);

 

while($row=mysql_fecth_array($result)){

    if($row['username']==$username && $row ['password']==$password && $row['type']=='

    Admin'){

     header ("Location:admin.html");

    }else($row['username']==$username && $row ['password']==$password && $row['type']=='

    Parent') {

        header ("Location:parent.html");

    } elseif ($row['username']==$username && $row ['password']==$password && $row['type']=='

    Swimmer'){

     header ("Location:swimmer.html");

    }

 

   }

}

?>

 

Link to comment
Share on other sites

With more than a little rewriting (avoiding missing variable definitions, mis-spelt function names and illegal syntax)

<?php
const HOST     = 'localhost';                                                          
const USERNAME = 'root';                                                               
const PASSWORD = '';                                                               
const DATABASE = 'test';               // default db                                  
                                                                                
function pdoConnect($dbname=DATABASE)                                                  
{                                                                                      
    $db = new PDO("mysql:host=".HOST.";dbname=$dbname;charset=utf8",USERNAME,PASSWORD);
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);                      
    $db->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC);                 
    $db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);                              
    return $db;                                                                        
}                                                                                      

### CODE ABOVE BELONGS IN AN INCLUDED FILE ###################################################################

$pdo = pdoConnect('Water Tower 2000 r');
 
if ($_SERVER['REQUEST_METHOD']=='POST') {
    
    $stmt = $pdo->prepare("SELECT type
                             FROM login
                             WHERE username = ? AND password = ?
                            ");
    $stmt->execute( [ $_POST['username'], $_POST['pwd'] ] );
    $type = $stmt->fetchColumn();
    switch ($type) {
        case 'Admin': header("Location: admin.html"); exit;
        case 'Parent': header("Location: parent.html"); exit;
        case 'Swimmer': header("Location: swimmer.html"); exit;
        default: exit("Unknown user type");
    }
    
}

 

Edited by Barand
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.