How to avoid lines in pdo?

Question

How to avoid lines in pdo?

I would like to know how to avoid lines in pdo. I avoid springs, as in the code below, but now with pdo I don't know how to do this.

$username=(isset($_POST['username']))? trim($_POST['username']): ''; $previlage =(isset($_GET['previlage'])); $query ="SELECT * FROM site_user WHERE username = '".mysql_real_escape_string($_SESSION['username'])."' AND previlage ='Admin'"; $security = mysql_query($query)or die (mysql_error($con)); $count = mysql_num_rows($security);

+6

php mysql pdo

humphrey Feb 26 '13 at 14:34

source share

2 answers

mysql_* function will not work in PDO. WHAT FOR? Since PDO does not use mysql to connect to databases, because with regard to data processing PDO uses prepared instructions, you can find a good tutorial for this here: pdo

+2

Nick Feb 26 '13 at 14:37

source share

raina77ow · Accepted Answer · 2013-02-26T14:35:53+0000

Well, you can use PDO :: quote , but as said in your own document ...

If you use this function to create SQL statements, it is highly recommended that you use PDO :: prepare () to prepare SQL statements with bound parameters, instead of using PDO :: quote () to interpolate user input into the SQL statement.

In your case, it might look like this:

 $query = "SELECT * FROM site_user WHERE username = :username AND previlage = 'Admin'"; $sth = $dbh->prepare($query); $sth->execute(array(':username' => $_SESSION['username']) );

How to avoid lines in pdo?

More articles: