PDO DB UPDATE PROBLEMS

Beginners - Learning PHP
#1

Hi guys!
I have a slight problem. When I pass values as variables to a sql statement it doesnt work. This is the example:

THIS WORKS:
[php]<?php
require ‘DB/dbinc.php’;

try {
// Connect and create the PDO object
$conn = new PDO(“mysql:host=$dbhost; dbname=$dbname”, $usernm, $dbpass);
$conn->exec(“SET CHARACTER SET utf8”); // Sets encoding UTF-8

// changes data in “text” and “text” where title = some title
$sql = “UPDATE bloging SET title=‘Novi Title’, tekst=‘Novi tekst’ WHERE title=‘Update post’”;
$count = $conn->exec($sql);

$conn = null; // Disconnect
}
catch(PDOException $e) {
echo $e->getMessage();
}

// If data added ($count not false) displays the number of rows added
if($count !== false) echo 'Number of rows added: '. $count;
?>[/php]

THIS DOES NOT WORK
[php]<?php
require ‘DB/dbinc.php’;
$oldTitle = ‘Stari naslov’;
$nTitle = ‘novinaslov’;
$nText = ‘novitekst’;

try {
// Connect and create the PDO object
$conn = new PDO(“mysql:host=$dbhost; dbname=$dbname”, $usernm, $dbpass);
$conn->exec(“SET CHARACTER SET utf8”); // Sets encoding UTF-8

// changes data in “text” and “text” where title = some title
$sql = “UPDATE bloging SET title=$nTitle, tekst=$nText WHERE title=$oldTitle”;
$count = $conn->exec($sql);

$conn = null; // Disconnect
}
catch(PDOException $e) {
echo $e->getMessage();
}

// If data added ($count not false) displays the number of rows added
if($count !== false) echo 'Number of rows added: '. $count;
?>[/php]

I don’t get it why it wont accept variable instead of string text as a value?

Thanx in advance!

#2

Problem solved! Working code looks like this:

[php]<?php
require ‘DB/dbinc.php’;

$oT = $_POST[‘starinaslov’];
$nT = $_POST[‘novinaslov’];
$nTx = $_POST[‘novitekst’];

try {
// Connect and create the PDO object
$conn = new PDO(“mysql:host=$dbhost; dbname=$dbname”, $usernm, $dbpass);
$conn->exec(“SET CHARACTER SET utf8”); // Sets encoding UTF-8

//Update
$sql = “UPDATE bloging SET title=:ntitle, tekst=:ntext WHERE title=:oldtitle”;
$stmt = $conn->prepare($sql);
$stmt->execute(array(
‘:ntitle’ => $nT
, ‘:ntext’ => $nTx
, ‘:oldtitle’ => $oT
));

$conn = null; // Disconnect
}
catch(PDOException $e) {
echo $e->getMessage();
}

?>[/php]

#3

While you have it working, I would add the option string, that way you know for sure you are actually using prepared statements and not emulate prepared statements.

Here this is what I’m talking about:
[php] $db_options = array(
PDO::ATTR_EMULATE_PREPARES => false // important! use actual prepared statements (default: emulate prepared statements)
, PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION // throw exceptions on errors (default: stay silent)
, PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC // fetch associative arrays (default: mixed arrays)
);

$pdo = new PDO('mysql:host=localhost;dbname=database_name;charset=utf8', 'username', 'password', $db_options);	[/php]
#4

Thanx man I will do that! Cheers! :slight_smile:

Sponsor our Newsletter | Privacy Policy | Terms of Service