0

I am working in a project which is perfectly fine while using mysql but i need to do it using oci. This is a short code where i am having problem. The problem is $stmt->execute(['code'=>$_GET['code'], 'id'=>$_GET['user']]);. What must be written instead of this in oci?

in my sql:

$conn = $pdo->open();

        $stmt = $conn->prepare("SELECT *, COUNT(*) AS numrows FROM users WHERE activate_code=:code AND id=:id");
        $stmt->execute(['code'=>$_GET['code'], 'id'=>$_GET['user']]);
        $row = $stmt->fetch();

I used this in oci:

$sql = "SELECT *, COUNT(*) AS numrows FROM users WHERE user_name=$user_name";
        $stmt = oci_parse($conn, $sql);
        $row = oci_execute($stmt);
Aaheana
  • 1
  • 5
  • *This is a short code where i am having problem* - would help if you described the problem, adding any error messages if generated/reported. – Nigel Ren May 24 '20 at 08:12
  • Also worth looking at https://stackoverflow.com/questions/35292582/passing-php-variable-to-sql-query-in-oci-parse to see how to pass parameters properly. – Nigel Ren May 24 '20 at 08:14
  • you're using PDO which is a cross-platform library. You can connect to Oracle using PDO just like you can connect to MySQL using PDO - see https://www.php.net/manual/en/ref.pdo-oci.php . Why do you think you need to switch to oci in your PHP? You can probably get away without changing your code at all apart from the connection string, and maybe some bits of SQL syntax in specific queries. – ADyson May 24 '20 at 08:18
  • `user_name=$user_name`, you most likely need to quote string values in oci as well. Either way, as mentioned, stick to PDO and prepared statements instead of rewriting it to be less secure. The two queries don't have the same logic though? – M. Eriksson May 24 '20 at 08:26

0 Answers0