<?php
namespace App;
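/**
 * Thin wrapper around a single PDO connection to the MySQL database
 * described by config.php.
 *
 * Statements are always prepared; values must be passed through the
 * $params argument so they are bound by the driver instead of being
 * concatenated into the SQL text.
 */
class Database
{
    /**
     * Connection handle, created once by connect().
     *
     * @var \PDO
     */
    private $pdo;

    /**
     * Database constructor. Opens the connection immediately.
     */
    public function __construct()
    {
        $this->connect();
    }

    /**
     * Read the connection settings and open the PDO connection.
     *
     * @return $this
     * @throws \RuntimeException when config.php does not return an array
     */
    private function connect()
    {
        // require, not require_once: require_once returns true (not the
        // config array) when the file was already included in this request,
        // which breaks every Database instance after the first one.
        $config = require 'config.php';
        if (!is_array($config)) {
            throw new \RuntimeException('config.php must return an array of connection settings');
        }

        $dsn = 'mysql:host=' . $config['host']
            . ';dbname=' . $config['db']
            . ';charset=' . $config['charset'];
        $this->pdo = new \PDO($dsn, $config['username'], $config['password']);

        return $this;
    }

    /**
     * Prepare and run a statement that returns no rows (INSERT/UPDATE/DELETE).
     *
     * @param string $sql    SQL text with `?` or `:name` placeholders
     * @param array  $params values to bind to the placeholders; request data
     *                       belongs here, never inside $sql
     * @return mixed true on success, false on failure
     */
    public function execute($sql, array $params = [])
    {
        $sth = $this->pdo->prepare($sql);
        if ($sth === false) {
            // prepare() reports failure with false when PDO is not in exception mode.
            return false;
        }

        return $sth->execute($params);
    }

    /**
     * Prepare and run a statement and return all of its rows.
     *
     * The previous version called fetchAll() on the boolean returned by
     * execute(), which is a fatal error; the statement handle is used here.
     *
     * @param string $sql    SQL text with `?` or `:name` placeholders
     * @param array  $params values to bind to the placeholders
     * @return array rows as associative arrays; empty on failure or when the
     *               statement produces no result set
     */
    public function query($sql, array $params = [])
    {
        $sth = $this->pdo->prepare($sql);
        if ($sth === false || !$sth->execute($params)) {
            return [];
        }

        // A statement without a result set (e.g. INSERT) has no columns to fetch.
        if ($sth->columnCount() === 0) {
            return [];
        }

        $rows = $sth->fetchAll(\PDO::FETCH_ASSOC);

        return $rows === false ? [] : $rows;
    }

    /**
     * Quote a value for use inside an SQL string literal.
     *
     * Bound parameters (the $params argument of execute()/query()) are the
     * preferred way to pass values; this is kept for callers that still
     * build SQL text themselves.
     *
     * @param $value
     * @return false|string quoted string, or false if the driver cannot quote
     */
    public function escape($value)
    {
        return $this->pdo->quote($value);
    }
}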
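<!--
  Review submission form, posted to server.php.
  The <select> only limits what a browser offers; every field is still
  attacker-controlled on the server, so server.php must validate RATING and
  treat NAME, DESCRIPTION and URL_IMAGE as untrusted text (bind them as query
  parameters, escape them wherever they are later rendered).
  NOTE(review): no anti-CSRF token is sent; add one if submissions are ever
  tied to a logged-in session.
-->
<form method="post" action="server.php">
    <div class="form-row mt-4">
        <div class="form-group col-md-6">
            <label for="inputEmail4">Ваше имя</label>
            <input name="NAME" type="text" class="form-control" id="inputEmail4">
        </div>
        <div class="form-group col-md-6">
            <label for="inputPassword4">Описание</label>
            <input name="DESCRIPTION" type="text" class="form-control" id="inputPassword4">
        </div>
    </div>
    <div class="form-row">
        <div class="form-group col-md-6">
            <!-- id was a duplicate of the NAME field's id; ids must be unique
                 so that each label targets its own control. -->
            <label for="inputUrlImage">Ссылки на фотографии</label>
            <input name="URL_IMAGE" type="text" class="form-control" id="inputUrlImage">
        </div>
        <div class="form-group col-md-6">
            <label for="inputState">Рейтинг</label>
            <select id="inputState" name="RATING" class="form-control">
                <option value="1">1</option>
                <option value="2">2</option>
                <option value="3">3</option>
                <option value="4">4</option>
                <option value="5">5</option>
            </select>
        </div>
    </div>
    <button type="submit" class="btn btn-primary">Отправить</button>
</form>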
<?php
use App\Database;
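// Handle the review form submission.
// $_POST is always defined, so isset($_POST) was true on every request
// (including plain GETs, where the field reads below hit undefined indexes).
if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST') {
    $name = $_POST['NAME'] ?? null;
    $description = $_POST['DESCRIPTION'] ?? null;
    $urlImage = $_POST['URL_IMAGE'] ?? null;
    // The form offers 1..5, but the request can carry anything: enforce the range here.
    $rating = filter_var(
        $_POST['RATING'] ?? null,
        FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1, 'max_range' => 5]]
    );

    // A field can arrive as an array (NAME[]=...) or be missing altogether.
    $fieldsAreStrings = is_string($name) && is_string($description) && is_string($urlImage);

    if (!$fieldsAreStrings || $rating === false) {
        http_response_code(400);
        echo "Некорректные данные формы.";
    } else {
        // Keys must match the named placeholders in $sql one to one.
        // NOTE(review): url_image is stored as submitted; validate/escape it
        // wherever it is later rendered.
        $reviewUser = [
            'name' => $name,
            'description' => $description,
            'url_image' => $urlImage,
            'rating' => $rating,
        ];

        $db = new Database();
        // `id` is not in the column list: the original listed five columns for
        // four values, which MySQL rejects. Assumes `id` is AUTO_INCREMENT — confirm.
        $sql = "INSERT INTO `reviews`(`name`, `descriptions`, `url_image`, `rating`) VALUES(:name, :description, :url_image, :rating)";
        // One prepare + execute with bound values. The original first ran the
        // statement with nothing bound and then called $db->prepare(), a method
        // Database does not have. This needs the two-argument
        // Database::query($sql, $params) form that prepares and binds.
        $db->query($sql, $reviewUser);
        echo "Запись успешно создана!";
    }
}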
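/**
 * Minimal PDO wrapper: opens one MySQL connection from config.php and runs
 * prepared statements with bound parameters.
 */
class Database
{
    /**
     * Connection handle.
     * NOTE(review): public, so any caller can bypass query(); kept public
     * because code outside this class may already read it.
     *
     * @var \PDO
     */
    public $pdo;

    /**
     * Open the connection using the settings returned by config.php.
     *
     * @throws \RuntimeException when config.php does not return an array
     * @throws \PDOException     when the connection fails (ERRMODE_EXCEPTION)
     */
    public function __construct()
    {
        $options = [
            // Fail loudly instead of returning false from prepare()/execute().
            \PDO::ATTR_ERRMODE => \PDO::ERRMODE_EXCEPTION,
            \PDO::ATTR_DEFAULT_FETCH_MODE => \PDO::FETCH_ASSOC,
            // Use server-side prepared statements rather than client-side
            // emulation of the placeholders.
            \PDO::ATTR_EMULATE_PREPARES => false,
        ];

        // require, not require_once: require_once returns true instead of the
        // config array when the file was already included in this request, so
        // a second `new Database()` would get no settings.
        $config = require 'config.php';
        if (!is_array($config)) {
            throw new \RuntimeException('config.php must return an array of connection settings');
        }

        $dsn = 'mysql:host=' . $config['host']
            . ';dbname=' . $config['db']
            . ';charset=' . $config['charset'];
        $this->pdo = new \PDO($dsn, $config['username'], $config['password'], $options);
    }

    /**
     * Prepare $sql, bind $params and execute.
     *
     * @param string $sql    SQL text with `?` or `:name` placeholders; request
     *                       data must not be concatenated into it
     * @param array  $params values for the placeholders
     * @return \PDOStatement the executed statement, ready for fetch()/rowCount()
     */
    public function query($sql, $params)
    {
        $sth = $this->pdo->prepare($sql);
        $sth->execute($params);

        return $sth;
    }
}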
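// Insert the submitted review with bound parameters.
$db = new Database();
// `id` is not in the column list: the original named five columns but supplied
// four values, which MySQL rejects. Assumes `id` is AUTO_INCREMENT — confirm.
$sql = "INSERT INTO `reviews`(`name`, `descriptions`, `url_image`, `rating`) VALUES(:name, :description, :url_image, :rating)";
// $reviewUser is the array built from the POST fields; its keys must match the
// named placeholders exactly, and its values should already be validated.
$db->query($sql, $reviewUser);
echo "Запись успешно создана!";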