I can't input the data into my table using prepared statements

Question

I can't input the data into my MySQL table using this script:

<?php
ini_set('display_errors', 'On');
error_reporting(E_ALL);
session_start();
include '../scripts/test_ses.php';
include 'connection.php';
$date = date("Y-m-d");   
/* Set our params */
$id = $_POST['id'];
$status = $_POST['status'];
$active = 1;
$sql = "INSERT INTO TBL_Holiday (Status, Active, DateOfChange) VALUES (?, ?, ?) WHERE idRequest =$id";

$stmt = $conn->prepare($sql);

/* Bind our params */
$stmt->bind_param('iisi', $status, $active, $date, $id);

/* Execute the prepared Statement */
$stmt->execute();

/* Close the statement */
$stmt->close();
?>  

The data of the variables $id, $status is set by a form is there any way to display the php error of the script by alerting it on the form page over ajax ?

Answer 1

remove the $id and WHERE they are used for update or delete a row, in your case insert use below query

$sql = "INSERT INTO TBL_Holiday 
             (Status, Active, DateOfChange) VALUES 
             (?, ?, ?)";

or if you wanted to update you need to use below query

$sql = "UPDATE TBL_Holiday SET 
           Status= ?,
           Active= ?,
           DateOfChange= ? 
        WHERE idRequest = ?";


/* Bind our params */
$stmt->bind_param('iisi', $status, $active, $date, $id);

Answer 2

by having its id.. make the update operation..

$sql = "UPDATE TBL_Holiday SET Status='$status', Active='$active', DateOfChange='$date' WHERE idRequest =$id";

otherwise.. make insert by ..

$sql = "INSERT INTO TBL_Holiday (Status, Active, DateOfChange) VALUES ('$status', '$active', '$date')";

Answer 3

Instead of using insert you need to use Update query if you need to use condition while. So your condition will be something like this,

$sql = "UPDATE  TBL_Holiday SET Status= ?,Active= ?,DateOfChange=? WHERE idRequest =$id";

Answer 4

You're mixing an INSERT statement with an UPDATE statement

An insert statement is on the form:

INSERT INTO table_name (column1, column2, column3, ...)
VALUES (value1, value2, value3,...);

• Where you're creating a new record which is not associated with any other existing rows using a where clause, ie you're suppose to skip that part.

Meanwhile an update statement is on the form:

UPDATE table_name
SET column1=value1, column2=value2,...
WHERE some_column=some_value;

• Where you do indeed wish to associate your update with some specific row by using a where clause, to indicate which row is to be updated.

Not my favorite sources but you can take a look at insert and update .

Answer 5

This is the working code:

<?php
    /* Set our params */
    $date = date("Y-m-d");
    $id = $_POST['id'];
    $status = $_POST['status'];
    $active = 1;

    /*Create executed SQL*/
    $sql = "UPDATE TBL_Holiday SET 
            Status= ?, 
            Active =?, 
            DateOfChange =?  
            WHERE idRequest = ?";

    /*Prepare SQL connection*/   
    $stmt = $conn->prepare($sql);

    /* Bind our params */
    $stmt->bind_param('iisi', $status, $active, $date, $id);

    /* Execute the prepared Statement */
    $stmt->execute();

    /* Close the statement */
    $stmt->close();
?>