I am trying to make a script to update the values stored in the DB with the new values typed in the form
GET the values from the form:
$reviewTitle = $_POST['reviewTitle'];
$storeScore = $_POST['storeScore'];
$reviewContent = $_POST['reviewContent'];
UPDATE Values to the DB
$sql = "UPDATE reviews SET reviewTitle=?, storeScore=?, reviewContent=? WHERE reviewID=?";
$stmt = $db->prepare($sql);
$stmt->bind_param('sisi', $reviewTitle, $storeScore, $reviewContent, $_POST['edit']);
$stmt->execute();
if ($stmt->error) {
echo "FAILURE!!! " . $stmt->error;
}
else echo "Updated {$stmt->affected_rows} rows";
header("Location: review?store=" . $store['storeName']);
I cannot see a reason why this would not work, am i missing something in the syntax? Any help appreciated
EDIT: I have added the Error that is outputted by the script
Fatal error: Uncaught Error: Call to undefined method
PDOStatement::bind_param() in .
/home/o2q4e1ph6yl2/public_html/editreview.php:38 Stack trace: #0
/home/o2q4e1ph6yl2/public_html/review.php(54): include() #1 {main} .
thrown in /home/o2q4e1ph6yl2/public_html/editreview.php on line 38
Answer to the question is:
$query = $db->prepare("UPDATE reviews SET reviewTitle=:reviewTitle, storeScore=:storeScore, reviewContent=:reviewContent WHERE reviewID=:reviewID");
$query->execute(array(':reviewTitle' => $reviewTitle, ':storeScore' =>
$storeScore, ':reviewContent' => $reviewContent, ':reviewID' => $reviewID));
It only took 4h to figure out
Related
This question already has answers here:
how to use $_GET inside mysqli_query? [duplicate]
(7 answers)
PHP: Inserting Values from the Form into MySQL
(2 answers)
PHP MySQLInsert prepared statements
(4 answers)
Closed last year.
I created a prepared statement in my PHP script but when I submit my form to insert, I get this error, Fatal error: Uncaught TypeError: mysqli_query(): Argument #2 ($query) must be of type string, mysqli_stmt given in C:\xampp\htdocs\7058\insert.php:100 Stack trace: #0 C:\xampp\htdocs\7058\insert.php(100): mysqli_query(Object(mysqli), Object(mysqli_stmt)) #1 {main} thrown in C:\xampp\htdocs\7058\insert.php on line 100.
It is my first time trying prepared SQL statements, so I am not sure what I am doing wrong.
<?php
session_start();
// servername => localhost
// username => root
// password => empty
// database name => staff
$conn = mysqli_connect("localhost", "root", "", "survey");
// Check connection
if ($conn === false) {
die("ERROR: Could not connect. "
. mysqli_connect_error());
}
$name = $_SESSION['name'];
$paygoid = $_SESSION['paygoid'];
$product_exist_satisfaction = $_SESSION['product_exist_satisfaction'];
$system_battery_runout = $_SESSION['system_battery_runout'];
$rank_appliances = $_POST['rank_appliances']; //return an array.
$checkboxvalue = implode(",", $rank_appliances);
$sql = $conn->prepare("INSERT INTO cus_survey (name,paygoid,product_exist_satisfaction,system_battery_runout,rank_appliances) VALUES (?, ?, ?, ?, ?)");
$sql->bind_param("sssss", $name, $paygoid, $product_exist_satisfaction, $system_battery_runout, $checkboxvalue);
if (mysqli_query($conn, $sql)) { **//this is line 97**
echo "<h3>Your survey was captured successfully. Thank You!"
} else {
echo "<h3>Sorry, Your ID has already been used. Please enter a valid ID</h3> "
echo "<h3><a href='/7058/index.php'>Click here to edit your ID</a></h3>";
}
// Close connection
mysqli_close($conn);
?>
I hope the following will help point you in the right direction. Initially you should make a sanity check that the variables you intend to use are actually available to avoid silly errors and then, using the considerably less verbose OO style of mySQLi, prepare the sql statement, bind the placeholders, execute the statement and then find if it succeeded.
<?php
session_start();
if( isset(
$_SESSION['name'],
$_SESSION['paygoid'],
$_SESSION['product_exist_satisfaction'],
$_SESSION['system_battery_runout'],
$_POST['rank_appliances']
)){
$conn = new mysqli("localhost", "root", "", "survey");
$name = $_SESSION['name'];
$paygoid = $_SESSION['paygoid'];
$product_exist_satisfaction = $_SESSION['product_exist_satisfaction'];
$system_battery_runout = $_SESSION['system_battery_runout'];
$rank_appliances = $_POST['rank_appliances'];
$checkboxvalue = implode(",", $rank_appliances);
$stmt = $conn->prepare( "INSERT INTO `cus_survey` ( `name`, `paygoid`, `product_exist_satisfaction`, `system_battery_runout`, `rank_appliances` ) VALUES (?, ?, ?, ?, ?)" );
$stmt->bind_param("sssss", $name, $paygoid, $product_exist_satisfaction, $system_battery_runout, $checkboxvalue );
$stmt->execute();
if ( $stmt->affected_rows==1 ) {
echo "<h3>Your survey was captured successfully. Thank You!"
} else {
echo "<h3>Sorry, Your ID has already been used. Please enter a valid ID</h3> "
echo "<h3><a href='/7058/index.php'>Click here to edit your ID</a></h3>";
}
$stmt->close();
$conn->close();
exit();
}
?>
So I'm making a posting system with PHP.
When the user wants to create a post, all the fields need to be complete, and what I'm trying to do is to insert into the database the name of the session, for example, to insert to the database 'Edward', because that would be the name of the session.
Here's what I'm trying to do:
<?php
session_set_cookie_params(86400*30, "/");
session_start();
require 'admin/config.php';
require 'functions.php';
if (isset($_SESSION['user'])) {
require 'view/new.view.php';
} else {
header('Location: index.php');
}
$connection = connect($bd_config);
if (!$connection) {
header('Location: error.php');
}
$errors = '';
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$title = cleanData($_POST['title']);
$demo = cleanData($_POST['demo']);
#$project_type = $_POST['project_type'];
$content = $_POST['content'];
$post_by = $_SESSION['user'];
$errors = '';
if (empty($title) or empty($demo) or empty($project_type) or empty($content)) {
$errors .= '<p>Complete all the fields!</p>';
} else {
$statement = $connection->prepare("
INSERT INTO posts (ID, title, demo, content, post_type)
VALUES (null, :title, :demo, :content, :project_type)
");
$statement->execute(array(
':title' => $title,
':demo' => $demo,
':project_type' => $project_type,
':content' => $content,
));
$statement2 = $connection->prepare("
INSERT INTO posts (post_by)
VALUES ($post_by)
");
$statement2->execute(array(
$post_by
));
header('Location: main.php');
}
}
?>
As you can see, I'm doing 2 statement variables for 2 SQL consults, but when I do that, it throws this error:
<b>Fatal error</b>: Uncaught PDOException: SQLSTATE[42S22]: Column not found: 1054 Unknown column 'cesar' in 'field list' in C:\xampp\htdocs\bider\test2\new.php:52
Stack trace:
#0 C:\xampp\htdocs\bider\test2\new.php(52): PDOStatement->execute(Array)
#1 {main}
thrown in <b>C:\xampp\htdocs\bider\test2\new.php</b> on line <b>52</b><br />
It marks 'cesar' cause that's the session name, I guess.
Can someone help?
Your second query is the problem - you're not using parameters properly. Compare it to your first one and spot the difference in the structure. You need to specify a placeholder :post_by in the INSERT statement so PDO knows where to bind the variable, and you need to give the $post_by entry in the parameter array the same name as an index, so they match up.
Here's a version which will work:
$statement2 = $connection->prepare(
"INSERT INTO posts (post_by)
VALUES (:post_by)"
);
$statement2->execute(array(
":post_by" => $post_by)
);
this is my dao file
<?php
require_once( __DIR__ . '/DAO.php');
class insertVoteDAO extends DAO {
public function insertVote1() {
$sql = "UPDATE `ic_items` SET `flames`+1 WHERE id=1";
$stmt = $this->pdo->prepare($sql);
$stmt->execute();
return $stmt->fetch(PDO::FETCH_ASSOC);
}
}
?>
and in my index.php I do this:
<?php
require_once( __DIR__ . '/dao/insertVoteDAO.php');
$voteDAO = new insertVoteDAO();
if (!empty($_POST)) {
$insertVote = $voteDAO->insertVote1();
}
?>
This is the error I get:
Fatal error: Uncaught PDOException: SQLSTATE[42000]: Syntax error or
access violation: 1064 You have an error in your SQL syntax; check the
manual that corresponds to your MySQL server version for the right
syntax to use near '+1 WHERE id=1' at line 1 in
/Applications/MAMP/htdocs/backend/major-IC/dao/insertVoteDAO.php:9
Stack trace: #0
/Applications/MAMP/htdocs/backend/major-IC/dao/insertVoteDAO.php(9):
PDO->prepare('UPDATE `ic_item...') #1
/Applications/MAMP/htdocs/backend/major-IC/collection.php(72):
insertVoteDAO->insertVote1() #2 {main} thrown in
/Applications/MAMP/htdocs/backend/major-IC/dao/insertVoteDAO.php on
line 9
It says I do something wrong with syntax in my query.
I hope someone can help me.
This line is wrong at flames+1:
$sql = "UPDATE ic_items SET flames+1 WHERE id=1";
It should be
$sql = "UPDATE ic_items SET flames = flames+1 WHERE id=1";
Agreed with BanNsS1,
you can check the following link for further reference: Increment a database field by 1
Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 5 years ago.
Improve this question
Kindly show me the error in my code i am trying to connect the sign in form with database using php but i am getting these errors:
Warning: mysqli_connect(): (HY000/1045): Access denied for user
'root'#'localhost' (using password: YES) in
C:\xampp\htdocs\MyProject\php\signin.php on line 9
Notice: Trying to get property of non-object in
C:\xampp\htdocs\MyProject\php\signin.php on line 11
Fatal error: Uncaught Error: Call to a member function query() on
boolean in C:\xampp\htdocs\MyProject\php\signin.php:17 Stack trace: #0
{main} thrown in C:\xampp\htdocs\MyProject\php\signin.php on line 17
<?php
$servername = "localhost";
$username = "root";
$password="";
$dbname = "myproject";
// Create connection
$conn = mysqli_connect($servername,$username,$password,$dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "INSERT INTO sign_in (username,password)";
if ($conn->query($sql) === TRUE) {
echo "New record inserted successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
$conn->close();
?>
You are getting this ERROR because of your is mixed up with mysqli_* functions and PDO code.
Methods of both PDO connection and mysqli_* are different.
Here is your error.
******Here is your error*****
$sql = "INSERT INTO sign_in (username,password)";
if ($conn->query($sql) === TRUE) { //ERROR line
echo "New record inserted successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
You have use function mysqli_query() instead of accessing member function of $conn, just take below correct example.
// Perform queries
mysqli_query($conn,"SELECT * FROM Persons");
mysqli_query($conn,"INSERT INTO Persons (FirstName,LastName,Age) VALUES ('Glenn','Quagmire',33)");
mysqli_close($conn);
Hope you get the point and will help you..
There must be a password on root mysql account that you're not providing here:
$password="";
Other parts of the error is a direct consequence of this, $conn became a boolean and not an object as the mysqli_connect() is unsuccessful (it gives back false on failure).
Your query is not correct, since no values where given to insert. It should look like this:
$sql = "INSERT INTO sign_in (username,password) VALUES ($username,$password)";
I am having a little bit of trouble trying to write to a .mdb database from php.
The database has a table called comments and it has 3 columns "id", "comment" and "by". The code I have is this.
<?php
$count =0;
$db_path = "newsBlog.mdb";
$odbc_con = new COM("ADODB.Connection");
$constr = "DRIVER={Microsoft Access Driver (*.mdb)}; DBQ=" . $db_path . ";";
$odbc_con -> open($constr);
$sql = "INSERT INTO [comments] VALUES (".$_POST['newsId'].",'".$_POST['comment']."', '".$_POST['by']."')";
echo $sql;
$odbc_con -> execute (sql);
$rs = null;
$conn = null;
echo "done";
?>
It takes 3 values from a form on the previous page and should insert them into the database, except I get this error every time:
<b>Fatal error</b>: Uncaught exception 'com_exception' with message '<b>Source:</b> Microsoft OLE DB Provider for ODBC Drivers<br/><b>Description:</b> [Microsoft][ODBC Microsoft Access Driver] Invalid SQL statement; expected 'DELETE', 'INSERT', 'PROCEDURE', 'SELECT', or 'UPDATE'.' in D:\Hosting\7010757\html\users\kinectfashion\postComment.php:20 Stack trace:
#0 D:\Hosting\7010757\html\users\kinectfashion\postComment.php(20): com->execute('sql')
#1 {main} thrown in <b>D:\Hosting\7010757\html\users\kinectfashion\postComment.php</b> on line <b>20</b><br />
To me, this seams MAD as I am using an insert statement and cannot see what I am doing wrong!
Any help would be much appreciated!
Thanks
$odbc_con -> execute (sql); should be $odbc_con -> execute ($sql);