How to change from mysql to pdo using prepared statements in PHP?

Question

How to change from mysql to pdo using prepared statements in PHP?

$dml = "insert into bookmark(accountId,category,url,hash,title,created) value($_SESSION[accountId],$_POST[category],'$_POST[url]',md5('$_POST[url]'),'$_POST[title]',now())"; mysql_query($dml,$con);

How to do this using prepared statements in PDO?

+2

php pdo

user198729 Feb 06 '10 at 3:38

source share

2 answers

 $dml = $db->prepare("INSERT INTO bookmark (accountId, category, url, hash, title, created) VALUES (:account_id, :category, :url, MD5(:url), :title, NOW());"); $dml->bindParam(':account_id', $_SESSION['accountId']); $dml->bindParam(':category', $_POST['category']); $dml->bindParam(':url', $_POST['url']); $dml->bindParam(':title', $_POST['title']); $dml->execute();

+2

Brock batsell Feb 06 '10 at 4:04

source share

Adrian · Accepted Answer · 2010-02-06T04:05:09+0000

  $ dml = "INSERT INTO bookmark (accountId, category, url, hash, title, created)"
     .  "VALUES (: accountId,: category,: url, MD5 (: url),: title, NOW ())";
 $ statement = $ pdo-> prepare ($ dml);
 $ parameters = array (
     ": accountId" => $ _SESSION ["accountId"],
     ": category" => $ _POST ["category"],
     ": url" => $ _POST ["url"],
     ": title" => $ _POST ["title"]);
 $ statement-> execute ($ parameters);

How to change from mysql to pdo using prepared statements in PHP?

More articles: