如何使用受控语句和html表单通过php通过php向mysql db添加一行到用户输入？

Question

I am trying to build an "admin" section of my website. One where I can update customer status on work orders (or tickets if you prefer the term). I have it where I can input an int in a text field and hit submit to DELETE , but I cannot get my addRow function to work. It is not causing an error, which makes me believe that I am not passing my variables correctly.

Here are the forms on admin.php:

<form name="newRow" METHOD="post" ACTION="q.php">
    Status of New Entry: <input type="text" value="Open" name="newStatus" /><br>
    Type of Maintenance being completed: <input type="text" value="Software Maintenance" name="maintType" /><br>
    <input type="submit" value="Add" name="newEntry" />
</form>

<form name="delRow" METHOD="post" ACTION="q.php">
    <input type="text" name="deleteID" />
    <input type="submit" value="Delete" name="delEntry"/>
</form>

As for my q.php, here is what I have after I connect to my db (which again, I have no problems using the delEntry/delRow section, so I can't see how a connection/mysqli initialization problem would be the issue:

//prepare statements
$addData = $conn->prepare("INSERT INTO $tname (status, mainttype) VALUES (?, ?)");
$addData->bind_param("s,s", $newStatus, $maintType);

$delData = $conn->prepare("DELETE FROM $tname WHERE id=?");
$delData->bind_param("i", $deleteID);
//end prepared statements

//if New Entry Button is pressed
$newStatus = isset($_POST['newStatus'])
    ? $_POST['newStatus']
    : '';
$maintType = isset($_POST['maintType'])
    ? $_POST['maintType']
    : '';
$addData->execute();
if ( false===$addData ) {
    die('prepare() failed: ' . htmlspecialchars($mysqli->error));
}
else{
    printf("rows inserted: %d\n", $addData->affected_rows);
}

//if Del Entry Button is pressed
if ( isset( $_POST['delEntry'] ) ) {
    $deleteID = $_POST['deleteID'];
    $delData->execute();
}

$addData->close();
$delData->close();
$conn->close();
?>

my columns are matching according to phpMyAdmin:

$addData = $conn->prepare("INSERT INTO $tname (status, mainttype) VALUES (?, ?)");

status and mainttype (yes 2 t). my ID (primary) is an auto_incriment so I left it out because I don't want to cause any key duplicate errors by accident. It's auto_incriment has been tested and seems to be working fine.

Too make it more fun, I added an echo $newStatus; after my prepared statement execution, and it comes back with the correct value. I appear to be having a problem with the addition of the new row. Still no error being generated.

printf("rows inserted: %d\n", $addData->affected_rows);

returns with 0 rows affected as well.

Answer 1

Simple comma issue. On:

$addData->bind_param("ss", $newStatus, $maintType);

I had it listed as:

$addData->bind_param("s,s", $newStatus, $maintType);