在mysqli服务器中,我使用下面的代码来选择url代码指定的列:
include "init.php";
$get=$_GET["action"];
$sql = mysqli_query($conn, "SELECT * FROM $get ORDER BY id DESC LIMIT 6");
$productCount = mysqli_num_rows($sql); // count the output amount
if ($productCount > 0)
{
while($row = mysqli_fetch_array($sql)){
$id = $row["id"];
$jjode = $row["code"];
$product_name = $row["network"];
$details = $row["details"];
$logo = $row["logo"];
$price = $row["price"];
}
我尝试在我的pdo服务器中使用它,如代码:
include "init.php";
$get=$_GET["action"];
$sql = $conn->prepare("SELECT id,code,network,details,logo,price FROM $get ORDER BY id DESC LIMIT 6");
$sql->execute();
$row = $sql->fetchAll();
if(count($row) > 0)
{
$id = $row["id"];
$jjode = $row["code"];
$product_name = $row["network"];
$details = $row["details"];
$logo = $row["logo"];
$price = $row["price"];
}
但它没有输出更好的结果请我如何使用pdo提前实现这一点
两个代码清单都不安全。使用白名单获取$ get。
你应该循环fetchAll的结果
$rows = $sql->fetchAll();
foreach ($rows as $row)
{
$id = $row["id"];
$jjode = $row["code"];
$product_name = $row["network"];
$details = $row["details"];
$logo = $row["logo"];
$price = $row["price"];
}