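Can someone tell me: when you prepare() a statement (in my case an UPDATE statement), then execute it, and I then check with rowCount() after the update query (see the code below) whether rowCount() > 0, if it is, then a match was found and the update happened, but otherwise I get the else statement. PHP PDO, need to make sure I understand what my code is doing?
To make sure I'm not confusing myself between syntax errors in the statement and its conditions, I want to ask about my code below (the specific area is commented in detail): does the else statement basically mean the update could not happen because a match was not found, and/or possibly a syntax error or some other error? I think it means what I've put in bold; I just want to make sure I'm not confusing myself.
Please ignore the SQL UPDATE syntax itself in the prepared statement, as it is wrong and will be dealt with later. I think the code explains it better and has detailed comments in the area I am talking about.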
// check if key is set and alphanumeric and equals 40 chars long
// we use sha1 so it will always be 40 chars long.
if(isset($_GET['key']) && ctype_alnum($_GET['key']) && strlen($_GET['key']) == 40){
    $key = trim($_GET['key']);
}
// if key isset and valid
if(isset($key)){
    try {
        // connect to database
        $dbh = sql_con();
        // check if activation key matches and user_uid matches
        $stmt = $dbh->prepare("
            SELECT
                users_status.user_uid,
                users_status.user_activation_key
            FROM
                users_status
            JOIN
                users
            ON
                users_status.user_activation_key = ?
            AND
                users_status.user_uid = users.user_uid LIMIT 1");
        // execute query
        $stmt->execute(array($key));
        // if row count greater than 0 then match found
        if ($stmt->rowCount() > 0) {
            // user verified; we now must update users status in users table to active = 1
            // and set the user_activation_key in the users_status to NULL
            $stmt = $dbh->prepare("
                UPDATE
                    users.user_status,
                    users_status.user_activation_key
                SET
                    user_status = ".USER_STATUS_ACTIVE.",
                    user_activation_key = NULL
                JOIN
                    users
                ON
                    users_status.user_activation_key = ?
                AND
                    users_status.user_uid = users.user_uid LIMIT 1");
            // execute query
            $stmt->execute(array($key));
            if ($stmt->rowCount() > 0) {
                echo 'account now activated';
                exit;
            } else {
                // update not successful
                // THIS IS THE BIT I'M CONFUSED WITH;
                // IF RETURNED RESULT IS 0 (WHICH IT WILL BE IF I GET HERE WHEN RUNNING SCRIPT)
                // THEN I GUESS THAT MEANS THERE WAS NOT AN ERROR IN SQL SYNTAX BUT
                // CONDITION IN SQL STATEMENT COULD NOT BE MATCHED ? IS THAT CORRECT WHAT I AM THINKING ?
                // IF I AM CORRECT THEN OBVIOUSLY I WILL DISPLAY A MESSAGE TO USER AND EXIT HERE;
                // AS IF I AM THINKING RIGHT ANY SYNTAX ERROR WOULD BE CAUGHT BY CATCH BLOCK AND THIS ELSE STATEMENT
                // MEANS COULD NOT UPDATE BECAUSE NO MATCH IN UPDATE QUERY COULD BE FOUND ?
            }
        } // else no match found
        else {
            // no match found invalid key
            echo '<h1>Invalid Activation Link</h1>';
            $SiteErrorMessages =
                "Oops! Your account could not be activated. Please recheck the link in your email.
                The activation link could not be found or the account has already been activated.";
            SiteErrorMessages();
            include($footer_inc);
            exit;
        }
        // close database connection
        $dbh = null;
    } // if any errors found log them and display friendly message
    catch (PDOException $e) {
        ExceptionErrorHandler($e);
        require_once($footer_inc);
        exit;
    }
} else {
    // else key not valid or set
    echo '<h1>Invalid Activation Link</h1>';
    $SiteErrorMessages =
        "Oops! Your account could not be activated. Please recheck the link in your email.
        The activation link appears to be invalid.<br /><br />
        If the problem persists please request a new one <a href='/member/resend-activation-email'>here</a>.";
    SiteErrorMessages();
    include($footer_inc);
    exit;
}
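If you're looking for feedback on improving working code then you'd be better off asking on http://codereview.stackexchange.com/ – GordonM 2012-04-15 10:12:41
No, I'm not; I'm asking whether my logic is correct. – PHPLOVER 2012-04-15 10:14:21
What does 'msqls()' do? If it is any kind of escaping, get rid of it. By using PDO prepared statements you don't have to escape; in fact, escaping adds extra backslashes or quotes which are usually not wanted in the database. – ThiefMaster 2012-04-15 10:20:33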
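The distinction the question asks about, shown as an added example that is not part of the original post or its comments: with `PDO::ERRMODE_EXCEPTION` set, a broken statement reaches the `catch` block, while `rowCount() === 0` after an UPDATE means the statement ran and matched nothing. It assumes an in-memory SQLite database with a constructed schema and key, a value of 1 for `USER_STATUS_ACTIVE`, and a hypothetical `activate()` helper; the page's separate SELECT is folded into the UPDATE so the key check and the status change happen in one transaction.

```php
<?php
// Added example: constructed schema and data in an in-memory SQLite database.
const USER_STATUS_ACTIVE = 1; // assumed value; the page does not show it

$dbh = new PDO('sqlite::memory:');
// Without ERRMODE_EXCEPTION (the default before PHP 8), SQL errors do not throw.
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$dbh->exec('CREATE TABLE users (user_uid INTEGER PRIMARY KEY, user_status INTEGER)');
$dbh->exec('CREATE TABLE users_status (user_uid INTEGER, user_activation_key TEXT)');
$key = sha1('constructed-sample-key');
$dbh->exec('INSERT INTO users VALUES (1, 0)');
$dbh->prepare('INSERT INTO users_status VALUES (1, ?)')->execute([$key]);

// Returns 'activated', 'no-match' or 'sql-error' (hypothetical helper).
function activate(PDO $dbh, string $key): string
{
    try {
        $dbh->beginTransaction();
        $stmt = $dbh->prepare(
            'UPDATE users SET user_status = ? WHERE user_uid IN
               (SELECT user_uid FROM users_status WHERE user_activation_key = ?)'
        );
        $stmt->execute([USER_STATUS_ACTIVE, $key]);
        if ($stmt->rowCount() === 0) {
            // Statement ran without error but its WHERE clause matched no row.
            $dbh->rollBack();
            return 'no-match';
        }
        // Clear the key so the link cannot be used a second time.
        $dbh->prepare('UPDATE users_status SET user_activation_key = NULL
                       WHERE user_activation_key = ?')->execute([$key]);
        $dbh->commit();
        return 'activated';
    } catch (PDOException $e) {
        // Syntax errors, missing tables and similar failures arrive here.
        if ($dbh->inTransaction()) {
            $dbh->rollBack();
        }
        error_log($e->getMessage());
        return 'sql-error';
    }
}

echo activate($dbh, $key), "\n";          // first use of the key
echo activate($dbh, $key), "\n";          // key already cleared
$dbh->exec('DROP TABLE users_status');    // break the query on purpose
echo activate($dbh, $key), "\n";          // failure goes through the catch block
```

On MySQL, `rowCount()` after an UPDATE counts rows whose values actually changed, so a matching row that already holds the new values also reports 0 unless the connection is opened with `PDO::MYSQL_ATTR_FOUND_ROWS`.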