On Apr 16, 12:06 pm, [EMAIL PROTECTED] (Aspiritus) wrote:
> On Apr 15, 3:10 pm, [EMAIL PROTECTED] (Robert Roggenbuck)
> wrote:
>
>
>
> > $sth->{Statement} returns the prepared statement. Using this as a base
> > You can get the used values in a HashRef by $boundParams =
> > $sth->{ParamValues} after an execute. I did not used it before ... but
> > it should work.
>
> > Regards
>
> > Robert
>
> > aspiritus schrieb:
>
> > > Hello all experts !
>
> > > I need to log every INSERT, UPDATE and DELETE queries even when using
> > > placeholders. Here some code:
>
> > > $sql = "UPDATE users SET `name`=? WHERE ìd`=1;";
> > > $sth = $dbh->prepare($sql);
> > > $sth->execute('Test User');
> > > $sth->finish();
>
> > > Of course execute params are given dynamically and I want to use
> > > placeholders for more secure code.
> > > I want to save that UPDATE query into file or database ( I'll prefer
> > > DB :) ) for tracking purposes. Any idea how to do this?
>
> Thank you all for replays, here some thoughts:
>
> I also want to record who did what and where, ex. who was the person
> logged in and changed the username. This info is sent by HTTP_VARS on
> each POST of form. My "log" contains these columns: id
> (auto_increment), Name ( person who posted form), Timestamp,
> Scriptname ( where form was posted),Sql ( actual query with
> placeholders), Sql_values (executed values)
>
> Keeping above in mind, Roberts idea makes sense and is best solution,
> but I can't get $sth->{ParamValues} to work with mysql. $sth-
>
> >{Statement} works just fine and I get column "Sql" populated.
Okay my friends !
Finaly I did get this to work: I needed to update my mysql-driver.
Version 3.0xx doesn't work !!
Thank you all for your help.
