CODEWITHSUNDEEP
phpmysqlpdo
Marco
Marco

Reputation: 37

Form in PDO to update data

I've been looking around and even here on the site, but I can not find the correct syntax in PDO to update data, such as the data of a user profile.

You could give me a practical example with html form? I know that maybe I ask so much, but I can not make it work.

I enclose what until now have been able to do, but not work.

if(isset($_POST['submit'])) {
    $email      = $_POST['email'];
    $location       = $_POST['location'];
    $id       = $_SESSION['memberID'];

    $stmt = $db->prepare("UPDATE `members` SET `email` = :email, `location` = :location WHERE `memberID` = :id");

    $stmt->bindParam(":email", $email, PDO::PARAM_STR);
    $stmt->bindParam(":location", $location, PDO::PARAM_STR);
    $stmt->bindParam(":id", $_SESSION['memberID'], PDO::PARAM_STR);

    $stmt->execute(array(':email' => $_POST['email'], ':location' => $_POST['location'], ':id' => $id));
}

And,

<form role="form" method="POST" action="<?php $_PHP_SELF ?>">
<div class="form-group">
<label class="control-label">Email</label>
<input type="text" value="<?php echo $_SESSION['email'] ?>" name="email" id="email" class="form-control"/>
</div>
<div class="form-group">
<label class="control-label">Location</label>
<input type="text" value="<?php echo $_SESSION['location'] ?>" name="location" id="location" class="form-control"/>
</div>
<div class="margiv-top-10">
<input type="submit" name="submit" class="btn green" value="Update" >
<a href="profile.html" class="btn default">Annuller </a>
</div>
</form>

I was wondering if it was safe and correct to query the same page or should I create a class? Can you help with a practical example because I have tried everything.

Upvotes: 0

Views: 7422

Answers (1)

Kuya
Kuya

Reputation: 7310

First I'll explain some of the changes I made to your code.

  1. Back-ticks are not required unless you are using a reserved word, so I removed them

  2. You are already defining $id as $id = $_SESSION['memberID']; so I changed $stmt->bindParam(":id", $_SESSION['memberID'], PDO::PARAM_STR);

  3. If you are binding your parameters, you don't need to execute with an array, so I changed $stmt->execute(array(':email' => $_POST['email'], ':location' => $_POST['location'], ':id' => $id)); to $stmt->execute();

  4. The action in your form must be echoed.

This is the resulting process

<?php
if(isset($_POST['submit'])) {

    $email = $_POST['email'];
    $location = $_POST['location'];
    $id = $_SESSION['memberID'];
    $sql = "UPDATE members SET email=:email, location=:location WHERE memberID=:id";
    $stmt = $db->prepare($sql);
    $stmt->bindValue(":email", $email, PDO::PARAM_STR);
    $stmt->bindValue(":location", $location, PDO::PARAM_STR);
    $stmt->bindValue(":id", $id, PDO::PARAM_STR);
    $stmt->execute();
}
?>

This is the resulting form (easier to read with indentations)

<form role="form" method="POST" action="<?php echo $_PHP_SELF ?>">
    <div class="form-group">
        <label class="control-label">Email</label>
        <input type="text" value="<?php echo $_SESSION['email'] ?>" name="email" id="email" class="form-control"/>
    </div>
    <div class="form-group">
        <label class="control-label">Location</label>
        <input type="text" value="<?php echo $_SESSION['location'] ?>" name="location" id="location" class="form-control"/>
    </div>
    <div class="margiv-top-10">
        <input type="submit" name="submit" class="btn green" value="Update" >
        <a href="profile.html" class="btn default">Annuller </a>
    </div>
</form>

Upvotes: 5

Related Questions