function updateDemo($demoTitle, $desc, $keyword,
$uploadedFile, $clientname, $uploadedImage, $adminName, $demoID)
{
$query = "UPDATE demos SET dmTitle ='sdsdsdsdsd' , dmDesc = '$desc' ,
dmKey = '$keyword' , dmLink= '$uploadedFile' , client='$clientname' ,
imageTitle = '$uploadedImage' , userName = '$adminName'
WHERE id = '$demoID'";
$result = mysql_query($query);
if($result) {
return 'yes';
} else {
return mysql_error();
}
}
This is an update of the previous, question. I have the query executed and i am getting the return value as Yes, but it seems strange for me that the values are not getting updated.
Though when i check down here in PHP, i am getting the update values...
I tried to hardcode a value for title and it also seems not getting updated.
Try to check what mysql_affected_rows() returns. If it's not 1, then your $demoID is probably wrong. If it is 1, you're probably looking in the wrong place in the DB.
And please, for security's sake, consider switching to a DB interface which supports prepared statements (mysqli, PDO) if possible.
Edit
Here's your code using PDO
function updateDemo($demoTitle, $desc, $keyword,
$uploadedFile, $clientname, $uploadedImage, $adminName, $demoID)
{
$query = "UPDATE demos SET dmTitle = ? , dmDesc = ? ,
dmKey = ? , dmLink= ?, client=? ,
imageTitle = ? , userName = ?
WHERE id = ?";
global $db;
$stmt = $db->prepare($query);
$stmt->execute(Array(
$demoTitle, $desc,
$keyword, $uploadedFile, $clientname,
$uploadedImage, $adminName,
$demoId
));
return $stmt->rowCount();
}
This assumes that you have a global variable $db holding a PDO connection (there are better solutions but it's the simplest and will probably suffice).
Related
I want to check if user already liked the post, if so than delete the user from database likes.
I've tried to do an if statement but it wont get to the else and only add likes even when user_id and post_id are the same.
Like.class.php
private function Addlike(){
$conn = db::getInstance();
$query = "insert into likes (post_id, user_id) values
(:post_id, :user_id)";
$statement = $conn->prepare($query);
$statement->bindValue(':post_id',$this->getPostId());
$statement->bindValue(':user_id',$this->getUserId());
$statement->execute();
}
private function Deletelike(){
$conn = db::getInstance();
$query = "DELETE FROM likes WHERE post_id = :post_id
AND user_id =:user_id";
$statement = $conn->prepare($query);
$statement->bindValue(':post_id',$this->getPostId());
$statement->bindValue(':user_id',$this->getUserId());
$statement->execute();
}
public function CheckLike(){
$conn = db::getInstance();
$query = "SELECT COUNT(*) FROM likes WHERE
post_id=:post_id AND user_id=:user_id";
$statement = $conn->prepare($query);
$statement->bindValue(':post_id',$this->getPostId());
$statement->bindValue(':user_id',$this->getUserId());
$statement->execute();
$result = $statement->fetchAll(PDO::FETCH_ASSOC);
if($result["COUNT(*)"] == 0){
$this->Addlike();
}else{
$this->Deletelike();
}
return $result;
}
If you press like for the first time you should like the post and it should be stored in the database, if you press again you unlike the post and it gets deleted from the database. But now it only does the Addlike function...
I think PDO::FETCH_ASSOC returns a multidimensional array when used with PDOStatement::fetchAll, according to https://www.php.net/manual/en/pdostatement.fetchall.php#refsect1-pdostatement.fetchall-examples.
Try changing your code to something like this and see if it works. You could also try dumping the $result variable to see what the structure looks like.
if($result[0]["COUNT(*)"] == 0){
$this->Addlike();
}else{
$this->Deletelike();
}
If an array index doesn't exist, PHP considers it false, which would explain why you're always adding likes, since false == 0 in PHP.
If you want to avoid this equivalency of false and 0, use the identical operator to also compare types:
if ($result["COUNT(*)"] === 0) {
...
I'm using PDO and I can't find what's wrong in there and can't seem to get an error even if PDO's setAttribute is set to.
$fields = $data['fields'];
$cartID = $data['cartID'];
$sql = "UPDATE ShoppingCart
SET shipToSameLocation_shippingLocationID = :shippingLocationID, shipToSameLocation_shippingMethod = :shippingMethod, shipToSameLocation = 1
WHERE cartID = :cartID";
$query = $conn->prepare($sql);
$query->bindValue(':shippingLocationID', $fields['shipToSameLocation_shippingLocationID'], PDO::PARAM_INT);
$query->bindValue(':shippingMethod', $fields['shipToSameLocation_shippingMethod'], PDO::PARAM_STR);
$query->bindValue(':cartID', $cartID, PDO::PARAM_INT);
$query->execute();
Anything wrong in there related to PDO?
Proabaly because you are explicitly saying that the value will be an int but not coercing the post value into and int;
$fields = $data['fields'];
$cartID = (int) $data['cartID'];
$sql = "UPDATE ShoppingCart
SET shipToSameLocation_shippingLocationID = :shippingLocationID, shipToSameLocation_shippingMethod = :shippingMethod, shipToSameLocation = 1
WHERE cartID = :cartID";
$query = $conn->prepare($sql);
$query->bindValue(':shippingLocationID', $fields['shipToSameLocation_shippingLocationID'], PDO::PARAM_INT);
$query->bindValue(':shippingMethod', $fields['shipToSameLocation_shippingMethod'], PDO::PARAM_STR);
$query->bindValue(':cartID', $cartID, PDO::PARAM_INT);
$query->execute();
The same goes for the other values you are binding so cast them to their correct type, or better yet don't use bind value. Personally I have never bothered to bind params or values, I just pass an associative array into PDO.
$locId = (int) $fields['shipToSameLocation_shippingLocationID'];
$method = $fields['shipToSameLocation_shippingMethod'];
$cartId = (int) $data['cartID'];
$params = array(
':shippingLocationID' => $locId ,
':shippingMethod' => $method,
':cartID' => $cartId
);
$query->execute($params);
works for like a charm every time. Most places I work, the other people end up adopting this method because it is so much less trouble to code and to use, but it is up to you.
I keep thinking on that "error" but can't say why it returns false.
I've already done a SELECT for this but that is in an other file..
$result = $db->dbh->prepare("SELECT thumbs FROM skill WHERE id=? LIMIT 1");
$result->bindParam(1, $id);
// $id == 4 here
$result->execute();
$row = $result->fetch(PDO::FETCH_ASSOC);
// $row == false > why ?
$thumbs = $row['thumbs'];
When i'm trying to run this on PhpMyAdmin, it works well.
I execute this code on an AJAX call, and using the same config.php file for the $db conection.
Another question:
$sql_in = $db->dbh->prepare("INSERT INTO `voted_ip` (id, ip) VALUES (:id, :ip)");
// $id == 4
$sql_in->bindParam(":id", $id);
$sql_in->bindParam(":ip", $ip, PDO::PARAM_STR);
$sql_in->execute();
it inserts "0" and my ip. Why 0 ?
Please help
That is becasue of the $id which is a STRING is converted at 0 by MySQL.
$id = intval($id);
I have this function inside a class. The insert is like exactly the same query (but with the INSERT obviously) and it works perfect.
I am trying now to update the database with the properties that the object has and it's not updating, it echoes "Rows not updated" I have tried everything and I have compared my code with examples that work and I dont know why it's not working! It's driving me nuts.
CODE:
public function update() {
$query = "UPDATE ".$this->tablename."
SET
itemtype = :itemtype,
category = :category,
title = :title,
content = :content,
active = :active,
keywords = :keywords,
order = :order,
featured = :featured
WHERE id = ".$this->id;
$this->conn->beginTransaction();
$q = $this->conn->prepare($query);
$q->execute(array(":itemtype"=>$this->itemtype, "category"=>$this->category, "title"=>$this->title,
":content"=>$this->content, ":active"=>$this->active, ":keywords"=>$this->keywords,
":order"=>$this->order, ":featured"=>$this->featured));
if($q->rowCount() > 0) {
echo "Rows updated = ".$q->rowCount()."<br/>";
$return = true;
} else {
echo "Rows not updated<br/>";
$error = $this->conn->errorInfo();
$this->SQLerror = $error[2];
$return = false;
}
$this->conn->commit();
return $return;
}
Just know that the errorInfo returns NULL, like if there was not any SQL Sintax Error!
Put colons here:
"category"=>$this->category, "title"=>
Should be:
":category"=>$this->category, ":title"=>
Make sure, the $this->tablename and $this->id don't lead to any syntax errors.
Update
The word Order is reserved in SQL. Escape it with backticks:
`order` = :order,
You are asking if($q->$q->rowCount() > 0) before commit() see Manual
I was wondering if it is possible to use something like a if statement in a PDO query.
My current query is:
public static function UpdateTable( $id, $name, $variable )
{
self::query("
UPDATE table
SET name = :name,
WHERE id = :id
", array(
":name" => $name,
":id" => $id
));
}
Which is prepared and executed by this:
public static function query($q, $params)
{
$stmt = self::$con->prepare( $q );
$stmt->execute( $params );
}
All of this works fine, but I also got the var $variable.
And I want that database column to be updated if $variable is not empty.
I can make a if / else statement in the "UpdateTable" function, but that quite ugly in my opinion en I couldn't find anything else on Google how to do this. So I would like to learn how to ;)
You can also tokenize your your queries based off any conditions in php like the following:
public static function UpdateTable( $id, $name, $variable )
{
$params = array(":name" => $name, ":id" => $id);
$update = "";
if(isset($variable)) {
$update = ", columnname = :variable ";
$params[':variable'] = $variable;
}
$query = "UPDATE table SET name = :name {$update} WHERE id = :id ";
self::query($query,$params);
}
You really should do it in the PHP function - it would save a trip to the database in case $variable is empty. But, if someone points a gun to your head and threaten to pull the trigger unless you do it in the query, you can add it to the where clause:
UPDATE table
SET name = :name,
WHERE id = :id
AND :variable IS NOT NULL
or something like that(never worked with PHP, so I don't know if passing a null variable will turn into SQL null...)