Updating database using dropdown without using a submit button

Question

I'm trying to update the table status value whenever I make a selection from the dropdown list.

The problem is I'm having a syntax error on my update query. I've read stuff about syntax error and I can't quite understand it. I think I'm gonna need a more specific help. Here's what I've done:

<?php

    $hostname = "localhost";
    $username = "root";
    $password = "";
    $databasename = "companydb";

    try
    {
        $conn = new PDO("mysql:host=$hostname;dbname=$databasename",$username, $password);
        $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

        if(isset($_POST["status"]))
        {
            $query = "UPDATE tickets SET status = '$status' WHERE id = $id";
            $statement = $conn->prepare($query);
            $statement->execute(array('status' => $_POST["status"]));

            $count = $statement->rowCount();
            if($count > 0)
            {
                echo "Data Inserted Successfully..!";
            }
                else
            {
                echo "Data Insertion Failed";
            }
        }
            else
        {
            echo "unknown index: 'status'";
        }
    }

    catch(PDOException $error)
    {
        echo $error->getMessage();
    }
?>

And here's my table schema:

Answer 1

You are not performing prepared statements properly. You need to add the placeholder in the query and not the variables. The variables should be added in the execute() line.

$query = "UPDATE tickets SET `status` = :status WHERE `id` = :id";
$statement = $conn->prepare($query);
$statement->execute(array(':status' => $_POST["status"],':id' => $id));

Also FYI, $id is undefined.

Answer 2

Try Changing this:

$query = "UPDATE tickets SET status = $status WHERE id = $id";