Hey all,
I need to switch from mysqli to PDO lib, and what I managed to to is to connect to database and list existing entries, but when I’m trying to insert I’m having a problems.
Here’s what I previously had in mysqli:
$firstName = $db-> real_escape_string($_POST['first_name']); $lastName = $db->real_escape_string($_POST['last_name']); $licnakarta = $db->real_escape_string($_POST['licnakarta']); $sql = "INSERT INTO subjects (first_name,last_name,licnakarta,kompanija,regbr,kategorija,brdokumenta,domacin,comment,potpis) VALUES('".$firstName."', '".$lastName."', '".$licnakarta ."', '".$kompanija ."', '".$regbr."', '".$dep."', '".$brdokumenta."', '".$dom."', '".$comment."', '".$potpis."')";
This is processing when form input is sent, and I’m not sure if how to change real_escape_string, from what I understand I won’t need that at all as I’m using the prepare when running queries?
In that case, how should I handle this variables and pass it to query? I tried to just leave $firstName = $_POST[‘first_name’] but it won’t insert anything to db.
as for $sql, i changed it to:
$sql = 'INSERT INTO subjects (first_name,last_name,licnakarta,kompanija,regbr,kategorija,brdokumenta,domacin,comment,potpis) VALUES(:firstname, :lastname, :licnakarta, :kompanija, :regbr, :dep, :brdokumenta, :dom, :comment, :potpis)'; $success = $db->prepare($sql); $stmt->execute(['firstname' => $firstName, 'lastname' => $lastName, 'licnakarta' => $licnakarta, 'kompanija' => $kompanija, 'regbr' => $regbr, 'kategorija' => $dep, 'brdokumenta' => $brdokumenta, 'domacin' => $dom, 'comment' => $comment, 'potpis' => $potpis]);