开箱即用的魔术.与PDO


Out of the box magic.. With PDO

        try{
            $pdo = new PDO("mysql:host=localhost;dbname=name", 'user', 'pass');
            $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
            $statement = "SELECT id FROM users WHERE email LIKE ?";
            $stmt = $pdo->prepare($statement);
            $stmt->bindParam(1, htmlspecialchars($this->params['email']), PDO::PARAM_STR);
            $stmt->setFetchMode(PDO::FETCH_ASSOC);
            $row = $stmt->fetch();
        }catch (PDOException $e) {
            echo $e;
        }
        print_r($row[0]['id']);
        if(is_int($row[0]) > 0) {
            throw new Exception();
        } elseif(is_int($row[0]) > 0) {
            //Generating encryption
            $crypt = mcrypt_module_open(MCRYPT_RIJNDAEL_256, '', MCRYPT_MODE_CBC, '');
            $iv = mcrypt_create_iv(32, MCRYPT_RAND);
            $key = mcrypt_create_iv(32, MCRYPT_RAND);
            $password = mcrypt_create_iv(12, MCRYPT_RAND);
            mcrypt_generic_init($crypt, $key, $iv);
            $crypted = mcrypt_generic($crypt, $password);

            $activation = mcrypt_create_iv(128, MCRYPT_RAND);
            mcrypt_generic_deinit($crypt);


            try{
                $pdo = new PDO("mysql:host=localhost;dbname=name", 'user', 'pass');
                $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
                $statement = "INSERT INTO users(name, password, cryptokey, cryptovector, email, activation_code, active, usertype) values(?, ?, ?, ?, ?, ?, 0, ?); ";
                $stmt = $pdo->prepare($statement);
                $stmt->bindParam(1, mysql_real_escape_string($this->params['name']), PDO::PARAM_STR);
                $stmt->bindParam(2, $password, PDO::PARAM_STR);
                $stmt->bindParam(3, $key, PDO::PARAM_STR);
                $stmt->bindParam(4, $iv, PDO::PARAM_STR);
                $stmt->bindParam(5, mysql_real_escape_string($this->params['email']), PDO::PARAM_STR);
                $stmt->bindParam(6, $activation, PDO::PARAM_STR);
                $stmt->bindParam(7, mysql_real_escape_string($this->params['acctype']), PDO::PARAM_STR);
                $stmt = null;
            }catch (PDOException $e) {
                print_r($e);
            }

            $smarty = new Smarty();
            $smarty->assign('NAMES',$this->params['name']);
            $smarty->assign('UNIT', $this->params['acctype']);
            $smarty->assign('KEYPASS',$password);
            $smarty->assign('NAMES',$this->params['name']);
            $smarty->assign('ACTIVATION_LINK','https://localhost/profile.php?action=activate&key='.urlencode($activation).'&email='.urlencode($this->params['email']));
            $msgBody = $smarty->fetch('templates/default/mail.html');
            try {
                $mail = new PHPMailer();
                $mail->Host = "server";
                $mail->SMTPAuth = TRUE;
                $mail->Host = "server";
                $mail->Port = 25;
                $mail->Username = "email";
                $mail->Password = "password";
                $mail->AddAddress($this->params['email']);
                $mail->SetFrom('test@example', 'test Services');
                $mail->Subject = 'Confirm registration and login credentials.';
                $mail->MsgHTML($msgBody);    // attachment
                #$mail->Send();
                echo 'localhost/profile.php?action=verify&key='.base64_encode($activation).'&email='.urlencode($this->params['email']);
            } catch (phpmailerException $e) {
                #echo $e; //Pretty error messages from PHPMailer
                print_r($e);
            } catch (Exception $e) {
                echo $e; //Boring error messages from anything else!
                print_r($e);
            }

        }
    }

这是我的身份验证方法。 __construct($arg 1, $arg 2); $arg 1 获取操作,$arg 2 获取 $self::p arams 获取在这种情况下所需的变量电子邮件名称和密码。它打印激活链接用于测试目的,当它这样做时,我看到它后面的 Array( )。具有 isset($row) 的 if 语句没有做它所做的事情,因为它告诉我的脚本设置了行。当我print_r它时,我看不到...当回声时,我看到数组( )....我在 PHP 5.4 中使用 Zend 服务器 CE,我有一个结构如下的表:

id, - 名称, - 密码, - 加密密钥, - 加密向量, - 电子邮件, - activation_code, -

活动, - 用户类型
1, - J.史密斯, - pwd

, - 键, - 矢量, - some@mail, - 激活码, - 0, - 候选人

代码中缺少$stmt->execute();。这是我碰巧在 eclipse 中拥有的代码示例:

$sql="select id from users where userName=:userName";
$this->prepared = $this->mysqlAccess->con->prepare($sql, array(PDO::ATTR_CURSOR => PDO::CURSOR_FWDONLY));
$this->prepared->execute(array(':userName' => $this->username));

准备语句时,需要先执行该语句,然后才能查询结果。