How to use pdo using require once & how to prevent sql injec
Posted: Fri Oct 24, 2008 3:05 am
hi there I have two pages
page1.php
page2.php
I receive this error when I run page2.php
I also need to know how to make this query immune to sql injection
any help would be appreciated
page1.php
Code: Select all
$dsn = "mysql:dbname=". $dbName .";'". $dbServerAddress ."'";
$db = new PDO($dsn,$dbUsername,$dbPassword);
Code: Select all
require_once "../page1.php";
$articleexists = 0;
$sql = sprintf("SELECT body, title, intro,keywords,authorname,editeddate FROM articles where id=%d;",$articlenumber);
foreach ($db->query($sql) as $row) {
$articleexists = 1;
$maincontent = $row['body']; //returnArticle($articlenumber);
$pagetitle = $row['title'];
$pagedescription =$row['intro'];
$keywords = $row['keywords'];
$author = $row['authorname'];
$lastrevisiondate = $row['editeddate'];
}
if ($articleexists ==0)
echo "not found!";
I wanna know how I can use a variable in page2.php that I have defined in page1.phpCall to a member function query() on a non-object in
I also need to know how to make this query immune to sql injection
any help would be appreciated