public function dataConnectivity() { try { $dbh = new PDO('mysql:host=localhost;dbname=exads', 'root', 'root', array(PDO::ATTR_PERSISTENT => false)); $stmt = $dbh->prepare("SELECT name,age,job_title FROM exads_test"); $stmt->execute(); $rows = $stmt->fetchAll(PDO::FETCH_ASSOC); print_r($rows); unset($stmt); $name = "Sara"; $age = 32; $title = "developer"; $stmt = $dbh->prepare("INSERT INTO exads_test (name,age,job_title) VALUES (:name,:age,:job_title);"); $dbh->bindParam(":name", $name, PDO::PARAM_STR); $dbh->bindParam(":age", $age, PDO::PARAM_INT); $dbh->bindParam(":job_title", $title, PDO::PARAM_STR); $stmt->execute(); unset($stmt); } catch (PDOException $e) { print "Error!: " . $e->getMessage() . "<br/>"; die; } }
<?php $oDb = new PDO("sqlite:" . __DIR__ . "/cds.sqlite"); //$sQuery = "';DROP DATABASE testme;#'"; $sQuery = "pop"; if (isset($_GET['Genre'])) { $sQuery = $_GET['Genre']; } $oDb->prepare("SELECT * FROM `cds` WHERE genre = :genre"); $oDb->bindParam("genre", $sQuery); $oDb->execute(); $aResults = $oDb->fetchAll(PDO::FETCH_OBJ); echo json_encode($aResults);