Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- error_reporting(-1);
- ini_set('display_errors', 1);
- $serverName = "";
- $userName = "";
- $password = "";
- $dbName = "";
- $isPHPAuth = false;
- try
- {
- $myPDO = new PDO("mysql:host=$serverName;dbname=$dbName;charset=latin1", $userName, $password);
- $myPDO->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
- $isPHPAuth = true;
- }
- catch(exception $e)
- {
- echo("Unable to Connect" . $e->getMessage());
- }
- if ($isPHPAuth)
- {
- try
- {
- if (isset($_GET["selection"]))
- {
- $username = $_GET['username'];
- $stm = $myPDO->prepare("SELECT * FROM mediasystem_purchases WHERE customer name == :parameter;");
- $stm->bindParam(':parameter', $username, PDO::PARAM_STR); // injection protection way of using variables in statements
- $stm->execute();
- while($result = $stm->fetch(PDO::FETCH_ASSOC))
- {
- print('ID: '$result['id']);
- }
- }
- else
- {
- echo("ERROR: GET NOT SET...");
- }
- }
- Catch(Exception $e)
- {
- echo("statement error: " . $e->getMessage());
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement