Safeguard mysql CRUD
Posted: Tue Apr 26, 2011 9:19 pm
Hi guys,
I am connecting to mysql database like below:
db-connection.php
get-user.php
Appreciate any advice please. Thanks in advance!
best regards,
Mark Thien
I am connecting to mysql database like below:
db-connection.php
Code: Select all
<?php
class DBConnection {
private $con = null;
private $host = 'localhost';
private $connection_string = 'mysql:host=localhost;dbname=ifnoresponse';
private $username = 'ifnoresponse';
private $dbname = 'ifnoresponse';
private $password = 'ifnoresp*pass';
function __construct() {
}
public function getConnection(){
if($this->con == null){
try {
$this->con = new PDO($this->connection_string, $this->username, $this->password);
$this->con->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch(PDOException $e) {
error_log($e->getMessage());
}
}
return $this->con;
}
function closeConnection(){
$this->con = null;
}
public function getHost(){
return $this->host;
}
public function getUsername(){
return $this->username;
}
public function getPassword(){
return $this->password;
}
public function getDbname(){
return $this->dbname;
}
}
?>Code: Select all
<?php
header('Content-type: text/html; charset=UTF-8');
header('Cache-Control: no-cache');
require_once('db-connection.php');
$conn = new DBConnection();
try{
// the actual query for the grid data
$sql = "select count(*) as cnt from user where username = :username";
$stmt = $conn->getConnection()->prepare($sql);
$stmt->bindValue(':username', $email, PDO::PARAM_STR);
$count = 0;
$stmt->execute();
while ($row = $stmt->fetch()) {
$count = $row['cnt'];
}
$stmt->closeCursor();
$conn->closeConnection();
} catch(PDOException $e) {
error_log($e->getMessage());
}
?>
best regards,
Mark Thien