PHP MYSQL runs the query twice

Question

When i run the following script. The row is inserted twice ( the query runs twice ) .

require_once $_SERVER['DOCUMENT_ROOT'].'/functions/sanitize.php';
require_once $_SERVER['DOCUMENT_ROOT'].'/main/config.php';

$response    =   textsanitize($_POST['r']);
$ticket      =   idssanitize($_POST['t']);

$stmt = $condb->prepare("INSERT INTO ticket_reponses (ticket_id,user_id,time,response) VALUES (:ticket_id,:user_id,:time,:response)");
$stmt->execute(
array(
"ticket_id" => $ticket,
"user_id" => $_SESSION['user_id'],
"time" => time(),
"response" => $response
)
);
if($stmt->execute()){
   echo "SUCCESS";
}

When i remove if($stmt->execute()){echo "SUCCESSS";} . It runs in the right way. The row inserted once.

Why does if($stmt->execute()) execute the query again ? I thought that if($stmt->execute()) only returns TRUE || FALSE TRUE || FALSE . I want to ensure that the query was executed successfully.

Answer 1

It is because it is calling the $stmt->execute() function twice. Once before the if statement and once as the condition in the if statement. So, you need to remove one instance of it.

I believe that you need to check if the statement has executed correctly (hence the if). So, the code can be like...

require_once $_SERVER['DOCUMENT_ROOT'].'/functions/sanitize.php';
require_once $_SERVER['DOCUMENT_ROOT'].'/main/config.php';

$response    =   textsanitize($_POST['r']);
$ticket      =   idssanitize($_POST['t']);

$stmt = $condb->prepare("INSERT INTO ticket_reponses  (ticket_id,user_id,time,response) VALUES (:ticket_id,:user_id,:time,:response)");
$values = array(
    "ticket_id" => $ticket,
    "user_id" => $_SESSION['user_id'],
    "time" => time(),
    "response" => $response
);
if($stmt->execute($values)){
    echo "SUCCESS";
}

Answer 2

One of the good uses of prepared statements in any language is that you can prepare it once and then execute it as many times as needed.

So in your case you execute() the statement twice, but it's possible that you could insert a whole bunch of data with the same prepared statement in a loop. Each time you call execute() you can just pass a new set of values to run the prepared statement. In your case it is an INSERT, so this is run twice.

In your case you probably just need...

$stmt = $condb->prepare("INSERT INTO ticket_reponses (ticket_id,user_id,time,response) VALUES (:ticket_id,:user_id,:time,:response)");

if($stmt->execute(array(
                  "ticket_id" => $ticket,
                  "user_id" => $_SESSION['user_id'],
                  "time" => time(),
                  "response" => $response)))    {
   echo "SUCCESS";
}

Answer 3

You are executing $stmt->execute() twice, so it's simply inserting two rows. no rocket science here.

if you want to check if the query ran successfully or not do it in the first statement itself.

require_once $_SERVER['DOCUMENT_ROOT'].'/functions/sanitize.php';
require_once $_SERVER['DOCUMENT_ROOT'].'/main/config.php';

$response    =   textsanitize($_POST['r']);
$ticket      =   idssanitize($_POST['t']);

$stmt = $condb->prepare("INSERT INTO ticket_reponses (ticket_id,user_id,time,response) VALUES (:ticket_id,:user_id,:time,:response)");
$isSuccessful = $stmt->execute(
array(
"ticket_id" => $ticket,
"user_id" => $_SESSION['user_id'],
"time" => time(),
"response" => $response
)
);
if($isSuccessful){
   echo "SUCCESS";
}