cparks10
Reputation: 377
Database not updating with PDO statement?
Is there something wrong with the syntax of the statement? I've been messing around with inserting different variables into the code and it still wont update in phpmyadmin. Pretty new with this language so please bear with me.
Pretty sure the line giving me the issue is:
$pdoQuery ="UPDATE `Lab4` SET `ActiveUser`=".$Yes." WHERE UserName=".$Email."";
I just don't know what the issue is...
<?php
//connect to the database
session_start(); //this must be the very first line on the php page, to register this page to use session variables
$_SESSION['timeout'] = time();
//if this is a page that requires login always perform this session verification
//require_once "inc/sessionVerify.php";
require_once "dbconnect.php";
require_once "inc/util2.php";
require_once "mail/mail.class.php";
include "header.php";
// $EmailCode = $_GET["Code"];
if (isset($_SESSION['Code'])){
echo $_SESSION['Code'];
echo $_SESSION['Email'];
}
?>
<?php
if (isset($_POST['Submit'])){
try {
$pdoConnect = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
}
catch (PDOException $exc) {
echo $exc->getMessage();
exit();
}
//$NotAnActiveUserYet = "No";
// mysql query to insert data
$Email = $_SESSION['Email'];
$Yes = "Yes";
$pdoQuery ="UPDATE `Lab4` SET `ActiveUser`=".$Yes." WHERE UserName=".$Email."";
$pdoResult = $pdoConnect->prepare($pdoQuery);
$pdoResult->execute();
if ($pdoResult) {
echo 'Data Inserted';
} else {
echo 'Data Not Inserted';
}
}
?>
Upvotes: 0
Views: 30
Answers (1)
Wranorn
Reputation: 798
_Try something along these lines:
$params = array(
'ActiveUser' => $Yes,
'UserName' => $Email,
);
$pdoQuery ='UPDATE `Lab4` SET `ActiveUser`=:ActiveUser WHERE `UserName`=:UserName';
$pdoResult = $pdoConnect->prepare($pdoQuery);
$pdoResult->execute($params);
And as tadman said,... NEVER trust anything from a browser. (includes $_REQUEST, $_GET, $_POST, $_COOKIE, etc.)
Upvotes: 1