Jump to content

Should This Work?

LunarIsSexy

By LunarIsSexy
in PHP Coding Help

 Share

Recommended Posts

LunarIsSexy Newbie

LunarIsSexy

Posted
Posted (edited)
This is just a basic script for updating my database from form data.

 

I don't have much experience with databases and this might be a bad question but I have read online that you should use UPDATE because I've only ever inserted stuff to tables.

 

Any idea whats wrong here?

 




    <?php

    include 'connect.php';

    include 'main.php';

    if(!isset($_SESSION['id']))



    echo "You need to login to view this page";



    else{



    }

    $id = $_SESSION['id'];

    $firstname = $_POST['firstname'];

    $lastname = $_POST['lastname'];

    $motto = $_POST['motto'];

    $bio = $_POST['bio'];



    if(empty($firstname) || empty($lastname) || empty($motto) || empty($bio)){



    echo "You didn't fill out any fields.";



    } else if (strlen($motto) < 5) {

echo "Your motto must be more than 5 characters.";

    }



    $sql="UPDATE users SET firstname='$firstname', lastname='$lastname', bio='$bio', motto='$motto' WHERE id='$id'"; 

    ?>


 

There are no errors that show up when its loaded because I fixed some of the other ones but obviously I didn't put for there to be text saying like "Update complete!" or whatever. But I wasn't sure if I should do and "else" around the $sql function. It looks like it should work in my eyes but it doesn't update them.

 

Database:


 

I do have it connected properly as I already have a register system, profile page, etc...

 

Also if anyone is good with SQL what should the Varchar be for the BIO? I just set 1024, but I have no clue :/

Edited by LunarIsSexy
Link to comment
Share on other sites
TOA Member

TOA

Posted
Posted

Updates are fine if you're updating. Insert's are for new rows.

 

I think you're main error is that you never fire the query, but I've edited your code for several different things.

1. Added curly braces on line 4 - not necessarily needed in this case, but I consider it good practice so I threw them in there.

2. moved the else condition braces around the rest of the code to only run when there's a session; this was an assumption.

3. not sure what db engine your using in connect.php so I marked where you need to fire the query.

4. added indentation

 

I didn't test it but it should be good.

<?php
include 'connect.php';
include 'main.php';
if(!isset($_SESSION['id'])) 
{ // added curly braces
	echo "You need to login to view this page";
}
else
{    
	// added indents
	$id = $_SESSION['id'];
	$firstname = $_POST['firstname'];
	$lastname = $_POST['lastname'];
	$motto = $_POST['motto'];
	$bio = $_POST['bio'];


	if(empty($firstname) || empty($lastname) || empty($motto) || empty($bio)){
		echo "You didn't fill out any fields.";
	} else if (strlen($motto) < 5) {
		echo "Your motto must be more than 5 characters.";
	}

    	$sql="UPDATE users SET firstname='$firstname', lastname='$lastname', bio='$bio', motto='$motto' WHERE id='$id'"; 
    	// you never actually fire this query...do so here
}
// moved this to wrap the code
?>
Link to comment
Share on other sites
LunarIsSexy Newbie

LunarIsSexy

Posted
  • Author
Posted

FYI: mysql is deprecated. You should switch to the mysqli extension, or better yet, to an abstraction layer such as PDO

Thats what my friend said D: I would ask him what he means but then he'd think I'm retarted. I know what mysqli is, instead of doing for example mysql_connect do "mysqli_connect", etc... But what do you mean by PDO?

Link to comment
Share on other sites
TOA Member

TOA

Posted
Posted (edited)

I have to preface this with 'I'm not a PDO expert so if I miss-speak, please don't hold it against me.'

 

The quick and simple explanation is that PDO gives you one universal interface for accessing your db. You call $pdo->query() and it knows that you have a MySQL server and so to use MySQL calls internally. That's an abstraction layer; you abstract the actual calls out of the client code and into an abstraction layer.

 

Imagine you set everything up on a MySQL server. You then find out MySQL goes bankrupt and you need to replace it with a competitor. How long do you think it would take to go through all your code and replace all the calls to MySQL and also alter functionality for handling the results of those calls. With PDO or a similar layer, you would change the details in your PDO config and all your client code calls would remain the same.

 

PDO

 

Abstraction layer

 

Don't leave questions unasked for fear of stupidity; It's stupid not to ask. If he's a real friend, he won't treat you like an idiot :)

Edited by TOA
Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.