is there something wrong with this php code?
Question
is this piece of code correct syntax wise ?
I need to update some fields in a certain row in my database which i can access using email ... so is this right ?
public function storeData($emaill, $servicee, $ratee, $rated_clientss) {
$email = "samy@gmail.com";
$service = "lksdjfsdkljf";
$rate = "good";
$rated_clients = "20";
$stmt = $this->conn->prepare ( "UPDATE users SET service='$service' and SET rate='$rate' and SET rated_clients='$rated_clients' WHERE email='$email'" );
var_dump($stmt->execute ());
if ($stmt->execute ()) {
$data = $stmt->get_result ()->fetch_assoc ();
$stmt->close ();
return $data;
} else {
return NULL;
}
}
1 answers
solution1
1 ACCPTED 2015-11-14 19:51:22
Prepared statments to not directly accept user input, instead, you need to pass them as a placeholder: ? , and then use bind_param() to fill in the type and the variable.
Observe:
$stmt = $this->conn->prepare ( "UPDATE users SET service=? and SET rate=? and SET rated_clients=? WHERE email=?" );
$stmt->bind_param('ssss', $service, $rate, $rated_clients, $email);
Now you can correctly ->execute the $stmt .
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
Is something wrong with this php GD code?
Something wrong with my php search code
Is this a PHP date() bug, or is there something wrong with my code?
Is there something wrong with my code here? PHP mail()
Is there something wrong with this foreach code?
php pagination, something is wrong
Is there something wrong with this php if statement?
php pagination, something wrong
foreach PHP something wrong
problem with php code not working. or i am doing something wrong
Related Tags