[Webinar] Streamline your web hosting managementRegister Today

x
?
Solved

Transitioning to PDO/MySQL.  Need help  with SELECT statement.

Posted on 2014-12-07
2
Medium Priority
?
96 Views
Last Modified: 2014-12-07
How do I transition this select statement to PDO with PHP?

$result1 = mysql_query("SELECT * FROM `product_description`");
while($row1 = mysql_fetch_assoc($result1))
{


mysql_query("INSERT INTO `product_description` (`product_id`, `name`, `description`, short_description) VALUES ('".mysql_real_escape_string($row1['product_id'])."','".mysql_real_escape_string($row1['name'])."','".mysql_real_escape_string($row1['description'])."','".mysql_real_escape_string($row1['short_desc'])."')");


}

Open in new window

0
Comment
Question by:lawrence_dev
2 Comments
 
LVL 58

Accepted Solution

by:
Gary earned 2000 total points
ID: 40485785
<?php
$database_name = "";
$username = "";
$password = "";

$conn = new PDO('mysql:host=localhost;dbname='.$database_name, $username, $password);
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

// Get rows
$result = $conn->query("SELECT * FROM `product_description`");

// Prepare the update sql
$do_update = $conn->prepare("INSERT INTO `product_description` (`product_id`, `name`, `description`, `short_description`)
VALUES (:product_id, :name, :description, :short_desc)");

while ($row = $result->fetch(PDO::FETCH_ASSOC)){
{

	// Execute the update for each row
	$do_update->execute(array(
		':product_id'	=>	$row['product_id'],
		':name'		=>	$row['name'],
		':description'	=>	$row['description'],
		':short_desc'	=>	$row['short_desc']
	));
}

Open in new window

0
 
LVL 111

Expert Comment

by:Ray Paseur
ID: 40485869
Here's an article covering most of the aspects of the conversion.
http://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/PHP_Databases/A_11177-PHP-MySQL-Deprecated-as-of-PHP-5-5-0.html

In the case of the SELECT statement, there are no changes needed at all.  Things only change when you use external variables as part of the query.  The article explains why and shows a few ways of making the transition from direct variable injection (into the query string) and indirect injection via parameterized queries or placeholders.
0

Featured Post

Receive 1:1 tech help

Solve your biggest tech problems alongside global tech experts with 1:1 help.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Part of the Global Positioning System A geocode (https://developers.google.com/maps/documentation/geocoding/) is the major subset of a GPS coordinate (http://en.wikipedia.org/wiki/Global_Positioning_System), the other parts being the altitude and t…
Build an array called $myWeek which will hold the array elements Today, Yesterday and then builds up the rest of the week by the name of the day going back 1 week.   (CODE) (CODE) Then you just need to pass your date to the function. If i…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to dynamically set the form action using jQuery.
Suggested Courses

607 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question