this is php and html class

Download (all file bellow.)Links to an external site.

Unzip the files and create a subfolder called pdo. Copy every file from subfolder proc and modify every php file with PDO syntax.

You need to use your own connection info for webserver and MySQL DB. to do this

-------conn_proc-------

/** * Created by PhpStorm. * User: zw251y * Date: 3/10/2016 * Time: 2:45 PM */

$servername = "localhost"; $username = "ad320"; $password = "ad320_test"; $dbname = "ad320";

// Create connection $conn = mysqli_connect($servername, $username, $password, $dbname); // Check connection if (!$conn) { die("Connection failed: " . mysqli_connect_error()); }

------delete-----

/** * Created by PhpStorm. * User: zw251y * Date: 3/10/2016 * Time: 2:56 PM */

include "conn_proc.php";

// sql to delete a record $sql = "DELETE FROM MyGuests WHERE id= 5";

if (mysqli_query($conn, $sql)) { echo "Record deleted successfully"; } else { echo "Error deleting record: " . mysqli_error($conn); }

mysqli_close($conn);

----------------------insert_conn--------------

/** * Created by PhpStorm. * User: zw251y * Date: 3/10/2016 * Time: 2:45 PM */

include "conn_proc.php";

$sql = "INSERT INTO MyGuests (firstname, lastname, email) VALUES ('John', 'Doe', 'john@example.com')";

if (mysqli_query($conn, $sql)) { echo "New record created successfully"; } else { echo "Error: " . $sql . " " . mysqli_error($conn); }

mysqli_close($conn); ?>

-------------------insert_multi----------------

/** * Created by PhpStorm. * User: zw251y * Date: 3/10/2016 * Time: 2:49 PM */ include "conn_proc.php";

$sql = "INSERT INTO MyGuests (firstname, lastname, email) VALUES ('John', 'Doe', 'john@example.com');"; $sql .= "INSERT INTO MyGuests (firstname, lastname, email) VALUES ('Mary', 'Moe', 'mary@example.com');"; $sql .= "INSERT INTO MyGuests (firstname, lastname, email) VALUES ('Julie', 'Dooley', 'julie@example.com')";

echo "Insert statement: $sql ";

if ($conn->multi_query($sql) === TRUE) { echo "New records created successfully"; } else { echo "Error: " . $sql . " " . $conn->error; }

$conn->close();

----------------------insert_ps------------------------

/** * Created by PhpStorm. * User: zw251y * Date: 3/10/2016 * Time: 2:52 PM */ include "conn_proc.php";

/// prepare and bind $stmt = $conn->prepare("INSERT INTO MyGuests (firstname, lastname, email) VALUES (?, ?, ?)"); $stmt->bind_param("sss", $firstname, $lastname, $email);

// set parameters and execute $firstname = "John"; $lastname = "Doe"; $email = "john@example.com"; $stmt->execute();

$firstname = "Mary"; $lastname = "Moe"; $email = "mary@example.com"; $stmt->execute();

$firstname = "Julie"; $lastname = "Dooley"; $email = "julie@example.com"; $stmt->execute();

echo "New records created successfully";

$stmt->close(); $conn->close();

---------------select-----------------------

/** * Created by PhpStorm. * User: zw251y * Date: 3/10/2016 * Time: 2:53 PM */

include "conn_proc.php";

$sql = "SELECT id, firstname, lastname FROM MyGuests"; $result = $conn->query($sql);

$result = mysqli_query($conn, $sql);

if (mysqli_num_rows($result) > 0) { // output data of each row while($row = mysqli_fetch_assoc($result)) { echo "id: " . $row["id"]. " - Name: " . $row["firstname"]. " " . $row["lastname"]. " "; } } else { echo "0 results"; }

mysqli_close($conn);

------------------------select_html_table----------------------

if (mysqli_num_rows($result) > 0) { echo "

"; // output data of each row while($row = mysqli_fetch_assoc($result)) { echo ""; } echo "

ID	Name
{$row['id']}	{$row['firstname']}	{$row['lastname']}

"; } else { echo "0 results"; } $conn->close();

--------------------------select_inject----------------------------

/** * Created by PhpStorm. * User: zw251y * Date: 3/10/2016 * Time: 2:53 PM */

include "conn_proc.php"; $input = "1 or 1=1"; $sql = "SELECT id, firstname, lastname FROM MyGuests WHERE id = $input ";

$result = mysqli_query($conn, $sql);

if (mysqli_num_rows($result) > 0) { // output data of each row while($row = mysqli_fetch_assoc($result)) { echo "id: " . $row["id"]. " - Name: " . $row["firstname"]. " " . $row["lastname"]. " "; } } else { echo "0 results"; }

mysqli_close($conn);

---------------------update---------------

/** * Created by PhpStorm. * User: zw251y * Date: 3/10/2016 * Time: 3:02 PM */ include "conn_proc.php"; $sql = "UPDATE MyGuests SET lastname='Doe' WHERE id=2";

if ($conn->query($sql) === TRUE) { echo "Record updated successfully"; } else { echo "Error updating record: " . $conn->error; }

$conn->close();