0

This is my first time to try PDO and still learning it. I am more familiar in using mysql or mysqli in developing php system.

After deep searching and searching I still can't seem to understand how to query using PDO

In my code I used mysqli inside a function to be called in index.php

function getUsery(){
    $ip = getIPAddress();
    $query = mysqli_query("select userID from tblUsers where logged='1'  AND ip='$ip'");
    $row = mysqli_fetch_array($query);  
    $emp = $row['userID'];
    $logged = $row['logged'];
    $userlvl = $row['userLevel'];
    $_SESSION['logged'] = $logged;
    $_SESSION['userLevel'] = $userlvl;
    return $emp;
}

I don't really know how to select sql query using PDO with 'where' statement. Most of what I found is using array with no 'where' statement

How can I select the userID where logged is equal to '1' and ip is equal to the computer's ip address and return and display the result to the index.php

Improve this question
5
  • 1
    Ouch! SQL injection anyone? Commented Jul 9, 2018 at 8:18
  • do you know how to declare database connection in PDO? Commented Jul 9, 2018 at 8:19
  • @david yes, just learned it through web searching (self learning) I already declared database connection using PDO Commented Jul 9, 2018 at 8:24
  • 1
    Take a looky here, it's probably the best tutorial on using PDO which lots of examples (like where): phpdelusions.net/pdo Commented Jul 9, 2018 at 8:25
  • @Loek thanks will read this. hope i will understand this Commented Jul 9, 2018 at 8:47

3 Answers 3

Reset to default
1

There's SQL statement with WHERE in PDO

$sql = "SELECT * FROM Users 
WHERE userID = ?";
$result = $pdo->prepare($sql);
$result->execute([$id]);
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

Assuming that you know how to connect database using PDO, here is how to select SQL with PDO.

$stmt = $db->prepare("select userID from tblUsers where logged = '1' AND ip = :ip");
$stmt->execute(array('ip' => $ip));
$listArray = $stmt->fetchAll();

Notice the :ip at the end of SELECT. If you don't use ? as a parameters, the prefix : is mandatory and the word after that should be the same as the key in the execute function.

EDIT

In case that the above code is inside the function and $db is outside the function, declare $db as global variable inside the function.

Improve this answer

2 Comments

thank you. do you know if i can use this inside a function?
yes, of course. If your database connection is set outside of function, you can use the variable that have PDO connection by declaring it as global in your function.
0

This one is imo one of best guides on PDO and how to use it: https://phpdelusions.net/pdo WHERE is a part of query and queries in PDO are not much different from pure *sql queries, just there is going on a bit filtering on execution. Read the guide carefully and you will be able to execute any query you need to.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.