Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- $host = "localhost";
- $username ="user";
- $password = "password";
- $db = "db";
- $charset="utf8";
- //old
- mysql_connect($host,$username,$password) or die("failed to connect");
- mysql_select_db($db) or die("db not exists");
- mysql_query("SET NAMES '".$charset."'") or die("failed to set collation");
- //new
- try{
- $dsn = sprintf("mysql:host=%s;dbname=%s;charset=%s",$host,$db,$charset);
- $pdo = new PDO($dsn,$username,$password);
- $pdo->setAttribute(PDO::ATTR_ERRMODE,PDO::ERRMODE_EXCEPTION);
- }catch(PDOException $e){
- die($e->getMessage());
- }
- //old
- $sql = "SELECT * FROM table WHERE foo = '".mysql_real_escape_string($_GET['foo'])."'";
- $result = mysql_query($sql) or die("failed to execute sql ".mysql_error());
- while($row = mysql_fetch_assoc($result)){
- echo $row['field1'];
- }
- //new
- $sql = "SELECT * FROM table WHERE foo = ".$pdo->quote($_GET['foo']);
- try{
- $statement = $pdo->query($sql);
- }catch(PDOException $e){
- die("failed to execute sql ".$e->getMessage());
- }
- while($row = $statement->fetch(PDO::FETCH_ASSOC)){
- echo $row['field1'];
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement