PHP:
class Database {
private $pdo;// = null;
public function __construct() {
$user = "root";
$pw = null;
//$dsn = "mysql:dbname=PHP-PDO-BLOB;host=localhost";
//$id_feld = "id INTEGER PRIMARY KEY AUTO_INCREMENT,"; // MySQL-Syntax
$dsn = "sqlite:sqlite-pdo-schachfibel.db";
$id_feld = "id INTEGER PRIMARY KEY AUTOINCREMENT,"; // SQLite-Syntax
try {
$this->pdo = new PDO
($dsn, $user, $pw);
//$this->pdo->beginTransaction();
$sqlQuestion = "CREATE TABLE question (" . $id_feld .
"figurID INTEGER NOT NULL," .
"questionID INTEGER NOT NULL," .
"questionText TEXT UNIQUE NOT NULL," .
"solutionID INTEGER NOT NULL," .
"optionID INTEGER NOT NULL);";
$sqlGruppenordnerDatei = "CREATE TABLE gruppenordnerDatei (" . $id_feld .
"name VARCHAR(10) UNIQUE NOT NULL," .
"path VARCHAR(40) NOT NULL," .
"date DATETIME NOT NULL," .
"size DOUBLE NOT NULL);";
$sqlGruppenordnerDateiLikes = "CREATE TABLE gruppenordnerDateiLikes (" . $id_feld .
"likes INTEGER NOT NULL);";
$sqlUser = "CREATE TABLE user (" . $id_feld .
"name VARCHAR(10) UNIQUE NOT NULL," .
"email VARCHAR(30) NOT NULL," .
"password VARCHAR(10) NOT NULL," .
"image BLOB NOT NULL)";
$this->pdo->exec($sqlQuestion);
$this->pdo->exec($sqlGruppenordnerDatei);
$this->pdo->exec($sqlGruppenordnerDateiLikes);
$this->pdo->exec($sqlUser);
echo "Tabelle angelegt.<br/>";
//$this->pdo->commit();
} catch (PDOException $e) {
// Database exists
echo $e->getMessage();
//$this->pdo->rollBack();
}
}
public function getPDO() {
return $this->pdo;
}
}
?>
##########################################
class UserDBTest {
private $connection = null;
private $pdo = null;
public function __construct() {
if (!(file_exists("sqlite-pdo-schachfibel.db"))) {
$this->connection = new Database();
} else {
$this->pdo = new PDO("sqlite:sqlite-pdo-schachfibel.db", "root", null);
}
}
/*User wird erzeugt und in der Datenebank gepeichert*/
public function createUser($name, $email, $password, $image){
try{
$imagePath = fopen($image, 'rb');
$valid = "INSERT INTO user(name, email, password, image) VALUES(:name, :email, :password, :image)";
$stmt = null;
if($this->connection !== null){
$stmt = $this->connection->getPDO()->prepare($valid);
}else{
$stmt = $this->pdo->prepare($valid);
}
$stmt->bindParam(':name', $name);
$stmt->bindParam(':email', $email);
$stmt->bindParam(':password', $password);
$stmt->bindParam(':image', $imagePath, PDO::PARAM_LOB);
return $stmt->execute();
$db->commit();
echo "committed <br />";
}catch(Execption $ex){
echo "Fehler: " . $ex->getMessage(). "<br />";
$db->rollBack();
}
}
public function selectUser($id){
try{
$valid = "SELECT name, email, password FROM user where id = ?";
$stmt = null;
if($this->connection !== null){
$stmt = $this->connection->getPDO()->prepare($valid);
}else{
$stmt = $this->pdo->prepare($valid);
}
$userID = $id;
$stmt->execute(array($userID));
while($zeile = $stmt->fetchObject()){
$userList = array("name" => htmlspecialchars($zeile->name), "email" => htmlspecialchars($zeile->email),
"password" => htmlspecialchars($zeile->password));
return $userList;
}
}catch(Exception $ex){
echo "Fehler: " . $ex->getMessage(). "<br />";
}
}
public function selectBlob($id) {
$sql = "SELECT
image
FROM user
WHERE id = :id;";
$stmt = null;
if($this->connection !== null){
$stmt = $this->connection->getPDO()->prepare($sql);
}else{
$stmt = $this->pdo->prepare($sql);
}
$stmt->execute(array(":id" => $id));
$stmt->bindColumn(1, $data, PDO::PARAM_LOB);
$stmt->fetch(PDO::FETCH_BOUND);
return array(
"data" => $data);
}
}
$dbObj = new UserDBTest();
$dbObj->createUser("beka", "mschvilidze@yahoo.de", "anabana", "images/bild.png");
$user = $dbObj->selectUser(1);
echo $user["name"];
?>
Ich hab hier zwei Klasse erstellt, damit der Nutzer sich registrieren kann.
das alles funktioniert, aber wenn irgendwelcher Fehler auftritt wird dann so ausgegeben:
Fatal error: Uncaught PDOException: SQLSTATE[23000]: Integrity constraint violation: 19 UNIQUE constraint failed: user.name in C:\xampp\htdocs\webprogrammierung\php\Schachfibel-DB-Test.php:55 Stack trace: #0 C:\xampp\htdocs\webprogrammierung\php\Schachfibel-DB-Test.php(55): PDOStatement->execute() #1 C:\xampp\htdocs\webprogrammierung\php\Schachfibel-DB-Test.php(169): SchachfibelDB->createUser('beka40', 'mschvilidze@yah...', 'anabana', 'images/bild.png') #2 {main} thrown in C:\xampp\htdocs\webprogrammierung\php\Schachfibel-DB-Test.php on line 55
Also Komplete Daten mit password und emails usw... Was soll ich machen, damit die Daten bei dem Fehler verdeckt werden, und die Hacker nicht sehen können.