Hi there, happy new year to all!
I started using PDO few weeks ago, and I am trying to figure out what is the best way to use it....I just put 3 samples bellow and I was hoping you can tell me what is the most secure and professional way of using it.
<?
//db Connection
$db = new PDO("mysql:host=$db_host;dbname=$db_name",$db_user,$db_pass);
class account
{
function __construct()
{
global $db;
$this->db = $db;
}
function getRecord($account_id)
{
$sql = "SELECT * FROM accounts WHERE account_id=".mysql_real_escape_string($account_id);
$rs = $this->db->query($sql) or die("failed!");
while($row = $rs->fetch(PDO::FETCH_ASSOC)){
$result[] = $row;
}
return $result;
}
}
$Account = new account();
// *
// * OR
// *
class account
{
function __construct()
{
}
function getRecord($account_id)
{
global $db;
$sql = "SELECT * FROM accounts WHERE account_id=".mysql_real_escape_string($account_id);
$rs = $this->db->query($sql) or die("failed!");
while($row = $rs->fetch(PDO::FETCH_ASSOC)){
$result[] = $row;
}
return $result;
}
}
$Account = new account();
// *
// * OR
// *
class account
{
function __construct($db)
{
$this->db = $db;
}
function getRecord($account_id)
{
$sql = "SELECT * FROM accounts WHERE account_id=".mysql_real_escape_string($account_id);
$rs = $this->db->query($sql) or die("failed!");
while($row = $rs->fetch(PDO::FETCH_ASSOC)){
$result[] = $row;
}
return $result;
}
}
$Account = new account($db);
?>