I have a User class and I'm wondering what would be the "most recommended" way to handle insertions?
Option 1: Use an existing object
// insert a new user and return the user id
public function insert() {
$sql = "INSERT INTO users (username, password, email, avatar, subscribe, created, last_login, valid) VALUES
(?, ?, ?, ?, ?, ?, ?, ?)";
$sth = $this->db->prepare($sql);
$sth->bindParam(1, $this->username, PDO::PARAM_STR);
$sth->bindParam(2, $this->password, PDO::PARAM_STR);
$sth->bindParam(3, $this->email, PDO::PARAM_STR);
$sth->bindParam(4, $this->avatar, PDO::PARAM_STR);
$sth->bindParam(5, $this->subscribe, PDO::PARAM_STR);
$sth->bindParam(6, $this->created, PDO::PARAM_STR);
$sth->bindParam(7, $this->last_login, PDO::PARAM_STR);
$sth->bindParam(8, $this->valid, PDO::PARAM_STR);
$sth->execute();
return $this->db->lastInsertId();
}
Option 2: Pass the information in as an array
// insert a new user and return the user id
public function insert(array $fields = array()) {
if(!empty($fields)) {
$sql = "INSERT INTO users (username, password, email, avatar, subscribe, created, last_login, valid) VALUES
(:username, :password, :email, :avatar, :subscribe, :created, :last_login, :valid)";
$sth = $this->db->prepare($sql);
$sth->execute($fields);
return $this->db->lastInsertId();
}
}
Another option? Does it make any difference?
Both ways are okay but personally I suggest second option
Related
I am using namecheap hosting with their database of course. I am using PDO in order to insert the data.
$uid = $db->lastInsertId();
$insertColors = $db->prepare('INSERT INTO user_colors (user) VALUES (?)');
$insertColors->bindValue(1, $uid, PDO::PARAM_INT);
$insertColors->execute();
each time a user signs up to my website they are assigned an ID through here.
The errors I've gotten lead me back to this line of code (above all the other code)
$insert->execute();
line 114
heres the rest of that code.
$insert = $db->prepare('INSERT INTO users (username, `password`, email, ip, bday, bmonth, byear, timelastseen, timeregistered) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)');
$insert->bindValue(1, $username, PDO::PARAM_STR);
$insert->bindValue(2, password_hash($password, PASSWORD_BCRYPT), PDO::PARAM_STR);
$insert->bindValue(3, $email, PDO::PARAM_STR);
$insert->bindValue(4, $_SERVER['REMOTE_ADDR'], PDO::PARAM_STR);
$insert->bindValue(5, substr($_POST['bdate'], 1, 1), PDO::PARAM_INT);
$insert->bindValue(6, substr($_POST['bdate'], 3, 3), PDO::PARAM_INT);
$insert->bindValue(7, substr($_POST['bdate'], 6, 7), PDO::PARAM_INT);
$insert->bindValue(8, time(), PDO::PARAM_INT);
$insert->bindValue(9, time(), PDO::PARAM_INT);
$insert->execute();
I have a function that inserts into a users table, I want to know if it is possible to -1 day from the "dob" and insert into reminder column through the function
public function AddUser($email, $name, $dob)
{
try {
$db = DB();
$query = $db->prepare("INSERT INTO users(email, name, dob, reminder) VALUES (:email, :name, :dob, :reminder)");
$query->bindParam("email", $email, PDO::PARAM_STR);
$query->bindParam("name", $name, PDO::PARAM_STR);
$query->bindParam("dob", $dob, PDO::PARAM_STR);
$query->bindParam("reminder", $dob, PDO::PARAM_STR);
$query->execute();
return $db->lastInsertId();
} catch (PDOException $e) {
exit($e->getMessage());
}
}
Is there anything I can do with this line to do it on INSERT
Something along the lines of
$query->bindParam("reminder", $dob DATE_ADD(now(), INTERVAL -1 DAY)); PDO::PARAM_STR);
If this is not possible could you please give me some pointers
Youn should use the :remainder in mysql date_add function eg:
$query = $db->prepare("INSERT INTO users(email, name, dob, reminder)
VALUES (:email, :name, :dob, DATE_ADD(:reminder, INTERVAL -1 DAY) )");
$query->bindParam("email", $email, PDO::PARAM_STR);
$query->bindParam("name", $name, PDO::PARAM_STR);
$query->bindParam("dob", $dob, PDO::PARAM_STR);
$query->bindParam("reminder", $dob, PDO::PARAM_STR);
Okay I have one question. I need to check if the user already exists but the question is now what I need to type in the if() I can't fetch because I have closed but if I didn't close i got an error because there can't run 2 statements. So I think if there are someone who can help me? I have the rest code but I only give the code here.
Here is my code:
$result = $mysqli->prepare("SELECT username FROM user WHERE username=?");
$result->bind_param("s", $username);
$result->execute();
$result->bind_result($username);
$result->close();
if (){
$register = $mysqli->prepare("INSERT INTO user
(username, password, email, rr, rank)
VALUES (?, ?, ?, ?, ?)");
$register->bind_param("sssii", $username, $kode, $email, $rr, $rank);
$register->execute();
$register->close();
} else {
echo "User already exists!";
}
UPDATED: more logical statement
$result = $mysqli->prepare("SELECT username FROM user WHERE username=?");
$result->bind_param("s", $username);
$result->execute();
$found = $result->fetch();
$result->close();
if ($found){
echo "User already exists!";
} else {
$register = $mysqli->prepare("INSERT INTO user
(username, password, email, rr, rank)
VALUES (?, ?, ?, ?, ?)");
$register->bind_param("sssii", $username, $kode, $email, $rr, $rank);
$register->execute();
$register->close();
}
I have to register a costumer and/or a manager into the database. I just have one form for the information, the only difference is the ID number (valid for managers). The costumers should leave this form blank. I was trying to save the data just using an if statement (If it is blank, save the information in costumer table. If it is not, save in manager). I have not seen this on my classes so I am not sure if it is possible.
Is it possible to use an if statement to insert data? What I mean is, I have two different tables but just one form (one of the forms will make the difference for which table the data will be saved.
The data in the manager table is ok, but when I try to insert data into costumer it is not working. I am not sure that I can use this.
if($_SESSION['id'] != null){
$sql = "INSERT INTO manager (id,magname,maglname,maguser,magpass) VALUES (?, ?, ?, ?, ?);";
$sth = $DBH->prepare($sql);
$sth->bindParam(1, $_SESSION['id'], PDO::PARAM_INT);
$sth->bindParam(2, $_SESSION['firstname'], PDO::PARAM_INT);
$sth->bindParam(3, $_SESSION['secondname'], PDO::PARAM_INT);
$sth->bindParam(4, $_SESSION['username'], PDO::PARAM_INT);
$sth->bindParam(5, $_SESSION['password'], PDO::PARAM_INT);
$sth->execute();
}
if(empty($_SESSION['id']){
$sql = "INSERT INTO costumer (fisrtname,lastname,username,password) VALUES (?, ?, ?, ?);";
$sth = $DBH->prepare($sql);
$sth->bindParam(1, $_SESSION['firstname'], PDO::PARAM_INT);
$sth->bindParam(2, $_SESSION['lastname'], PDO::PARAM_INT);
$sth->bindParam(3, $_SESSION['username'], PDO::PARAM_INT);
$sth->bindParam(4, $_SESSION['password'], PDO::PARAM_INT);
$sth->execute();
}
you can do it directly through following code
if(isset($_SESSION['id']))
$sql = "INSERT INTO `manager`..."
else
$sql = "INSERT INTO `customer`..."
or something like this
if(!empty($_SESSION['id']))
{ $sql = "INSERT INTO `manager`..."}
else
{ $sql = "INSERT INTO `customer`..."}
Still very new to php but learning quickly. I have two forms that gather data that is then passed to a php function. All the data from both forms is making it to the php file as I am echoing the values to be sure.
My issue is the first table is updated correctly without any issues but the second table is not updated.
Here is the code in question
private function registerNewUser($user_name, $user_email, $user_password, $user_password_repeat, $captcha, $user_type, $first_name)
....
// write new users data into database
$query_new_user_insert = $this->db_connection->prepare('INSERT INTO users (user_name, user_password_hash, user_email, user_activation_hash, user_registration_ip, user_registration_datetime, user_type) VALUES(:user_name, :user_password_hash, :user_email, :user_activation_hash, :user_registration_ip, now(), :user_type)');
$query_new_user_insert->bindValue(':user_name', $user_name, PDO::PARAM_STR);
$query_new_user_insert->bindValue(':user_password_hash', $user_password_hash, PDO::PARAM_STR);
$query_new_user_insert->bindValue(':user_email', $user_email, PDO::PARAM_STR);
$query_new_user_insert->bindValue(':user_activation_hash', $user_activation_hash, PDO::PARAM_STR);
$query_new_user_insert->bindValue(':user_registration_ip', $_SERVER['REMOTE_ADDR'], PDO::PARAM_STR);
$query_new_user_insert->bindValue(':user_type', $user_type, PDO::PARAM_STR);
$query_new_user_insert->execute();
// id of new user
$id = $this->db_connection->lastInsertId();
echo $first_name;
echo $user_email;
echo $id;
// attempt at writing to additional table
$this->db_connection->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_WARNING );
$query_new_user_insert2 = $this->db_connection->prepare('INSERT INTO C_Customer (First_Name, Email_Address, Created_Date, id) VALUES(:first_name, :user_email, now() :id');
$query_new_user_insert2->bindValue(':first_name', $first_name, PDO::PARAM_STR);
$query_new_user_insert2->bindValue(':user_email', $user_email, PDO::PARAM_STR);
$query_new_user_insert2->bindValue(':id', $id, PDO::PARAM_INT);
$query_new_user_insert2->execute();
$query_new_user_insert works as the table is updated
$query_new_user_insert2 does not work as the table C_Customers contains no data.
On second query, you forgot to put comma between now() and :id. Also, you forgot to put closing bracket.
prepare('INSERT INTO C_Customer (First_Name, Email_Address, Created_Date, id) VALUES(:first_name, :user_email, now() :id')
should be
prepare('INSERT INTO C_Customer (First_Name, Email_Address, Created_Date, id) VALUES(:first_name, :user_email, now(), :id)');
Another typo :) hope it helps.