MYSQLI 到 PDO 指南
我正在慢慢地将有 MSQLI 的网站页面转换为 PDO。但是我有登录脚本的这一部分,我不确定它是否可以在 PDO 中完成,如果不能,是否有人对如何使其安全有任何建议。它与下面的代码部分有关,它是一个与 $pass_fail 变量相关的多查询,然后是一个我可能可以解决的单个选择查询 $pass_fail_query 变量。但它是我在使用 PDO 时遇到的多查询,我该如何执行它?
$pass_fail = "
DELETE FROM `login_fail`
WHERE
`last_fail_login` < DATE_SUB(NOW(), INTERVAL 5 MINUTE);
";
$pass_fail .= "
INSERT INTO login_fail (
user_id,
email,
last_fail_login,
fail_login_ip
) VALUES (
'$user_id',
'$email',
'$last_login_date',
'$ip'
);
";
$pass_fail .= "
UPDATE members SET
`last_fail_login` = '$last_login',
`fail_login_ip`= '$ip'
WHERE
email = '$email'
";
$pass_fail_query = "
SELECT
*
FROM `login_fail`
WHERE
`email` = '$email'
AND `last_fail_login` > date_sub(now(), interval 5 minute)
";
皈依舞1回答
-
慕森卡
只需将它们创建为单独的查询。$pass_fail_delete = $pdo->prepare(" DELETE FROM `login_fail` WHERE `last_fail_login` < DATE_SUB(NOW(), INTERVAL 5 MINUTE);");$pass_fail_insert = $pdo->prepare(" INSERT INTO login_fail ( user_id, email, last_fail_login, fail_login_ip ) VALUES ( :user_id, :email, :last_login_date, :ip );");$pass_fail_update = $pdo->prepare(" UPDATE members SET `last_fail_login` = :last_login, `fail_login_ip`= :ip WHERE email = :email");$pass_fail_query = $pdo->prepare(" SELECT * FROM `login_fail` WHERE `email` = :email AND `last_fail_login` > date_sub(now(), interval 5 minute)");然后,而不是使用mysqli_multi_query()执行$pass_fail在一个调用,执行3个查询:$pass_fail_delete->execute();$pass_fail_insert->execute([':user_id' => $user_id, ':email' => $email, ':last_login_date' => $last_login_date, ':ip' => $ip]);$pass_fail_update->execute([':last_login' => $last_login, ':ip' => $ip, ':email' => $email]);$pass_fail_query->execute([':email' => $email]);
随时随地看视频慕课网APP
PHP