MySQL Tables Not Updating (PDO)

Question

I am trying to have the PHP code update an address in user table.

For starters, using mysqli, and tried both prepared statements as well as simpler queries. Never had much luck with prepared statements ever because I find them confusing, particularly bind_result().

I do use mysql testing at the command itself to make sure it works as it should. Updates as it should so it's not the mysql command itself. I even gave it a shot in phpMyAdmin locally on the server. However, once in PHP, it doesn't update data in the table.

Immediate thought that came to mind was to make sure the 'user' accessing the mysql tables had UPDATE rights, and it does. So it doesn't look like a permission issue. Even when I use the mysql root with all rights and privileges, the table will NOT update.

My original attempt was some thing quite simple:

$query = "UPDATE `UserTable` SET `Address`=\"". $address . "\" WHERE `id`=".$id;

$conn->query($query);

So, I tried prepared statement version of this and had the same effect. No error, but nothing changed in my table.

Today, I decided to go the PDO route.

try {

$dbh = new PDO("mysql:host=$hostname; dbname=DBDatabase", $db_user, $db_pass);                      
$query = "UPDATE UserTable SET 'Address'='".$address."' WHERE 'id'=".$id;
echo "Query: ". $query;
$count = $dbh->exec($query);
echo $count . " record changed.";
$dbh = null;
}

catch (PDOException $e) {
    echo $e->getMessage();
}

I also tried changing other fields (maybe it was just happening to VARCHAR fields like address). So, I tried flipping the Registered flag and no changes register for that either.

Answer 1

You're not using PDO properly. This is how you will want to form your query.

try {

$dbh = new PDO('mysql:host=$hostname; dbname=DBDatabase', $db_user, $db_pass);                      
$stmt = $dbh->prepare('UPDATE UserTable SET `Address`=:address WHERE `id`=:id');
$stmt->bindParam(':address', $address, PDO::PARAM_STR);
$stmt->bindParam(':id', $id, PDO::PARAM_INT);
$stmt->execute();

}

catch (PDOException $e) {
    echo $e->getMessage();
}

Answer 2

This is not your direct question, but prepared statements are super easy, they just require a learning curve - which, honestly, from personal experience is no steeper than learning PDO.

Traditional Query Steps:

1. DB query.
2. DB result.

Prepared Query:

1. Send DB query without parameters, to prepare.
2. Insert parameters.
3. Connect to results (bind a variable for each return column, in order).
4. Cycle through results, using variables rather than a $result array.

It is a few extra steps, but take the twenty minutes you need to to conceptualize it and it will all snap together. The advantage to PDO is that it works across different databases and it is great at prepared statements.