Updating a Row in PostgreSQL with PHP

Question

I was wondering what the syntax was in PHP to update a row in a PostgreSQL database. I have made a login page that checks a UserName and Password from a database, then it goes to a page where it displays all the user info from the database for that user name. I am trying to allow the user to change some of the columns, like password, name, etc. So I added another page that has fields for each of the columns I want to change.

This is the code I have for the query:

if(array_key_exists('save',$_POST))
{
$firstname=$_POST['ifirstname'];
$lastname=$_POST['ilastname'];
$email=$_POST['iemail'];
$password=$_POST['ipassword'];

    $conn_string='host=#### port=#### dbname=###### user=####### password=######';
    $dbconn=pg_connect($conn_string) or die('Connection failed');

$query="UPDATE project.customer SET FirstName='$firstname',
LastName='$lastname',Email='$email',Password='$password')
    WHERE UserName=$1";

    $result=pg_query($dbconn,$query);
    $row_count= pg_num_rows($result);
            pg_free_result($result);
        pg_close($dbconn);
   }

This is for the fields:

    UPDATE USER INFO
    
         First Name: 
          
      
         Last Name:
          
      
         E-Mail:
            
        
         
            Password:
          
      
         
            Confirm Password:

safarov · Accepted Answer

I think it must be like this. Also make user to write old password when changing data for security reason. Also dont forget to filter your data before using in query to avoid sql injection attacks

$query="UPDATE project.customer 
        SET (FirstName,LastName,Email,Password) = 
        ('$firstname','$lastname','$email','$password')
        WHERE UserName= '$1' and Password = '$oldpassword'";

Updating a Row in PostgreSQL with PHP

Answers (2)

Related Questions