Possible Duplicate:
Find duplicate records in MySQL
我是一个新手,正在尝试使用此功能在数据库中查找重复项:
function uni($field, $value) {
$sql= "SELECT * FROM user WHERE ".$field." = '".$value."'";
$result = $pdo->query($sql);
$rows = $result->fetchAll(PDO::FETCH_COLUMN, 1);
return count($rows);
}
$username = $_POST['username'];
$result = uni("username", $username);
...我的头要撞到坚固的东西上了。由于某种原因,查询不会返回结果,我不知道为什么。
好的,您正在使用 PDO
,很好。但是,您的代码段仍然容易受到注入(inject)攻击:您仍在将原始用户输入传递给查询。另外,如果您只想要找到的行数,请不要使用 SELECT *
,并且不要获取完整的结果集来计算它们!
function uni($field,$value)
{
$db = new PDO();//make connection, which you don't seem to do
//or (not so good approach):
//global $db;
//Best approach would be to pass the connection to the function, as an extra argument, though
$stmt = $db->prepare('SELECT '.$field.' FROM user WHERE '.$field.' = :value');
if ($stmt->execute(array(':value' => $value)))
{
return $stmt->rowCount();
}
//query failed, throw errors or something
}
阅读docs查看更多示例。
无论如何,您的完整代码应该如下所示:
function uni($field,$value,$db)
{
$stmt = $db->prepare('SELECT '.$field.' FROM user WHERE '.$field.' = :value');
if ($stmt->execute(array(':value' => $value)))
{
return $stmt->rowCount();
}
return false;
}
$username = $_POST['username'];
$result = uni('username', $username,$pdo);//<--pass connection