CodeLobster IDE
http://codelobster.com/forum/

php prepared statements
http://codelobster.com/forum/viewtopic.php?f=3&t=24690
Page 1 of 1

Author:  guitarzRus [ Mon Nov 11, 2019 3:38 am ]
Post subject:  php prepared statements

gave up on this for awhile but thought to try the prepared statements again. I'm trying to select records from database to remember info, click on and go to the target and update the date last used, visit count, time visited and if the info hasn't been saved, save it. Below is my latest feeble attempt. I'm hoping for advice
-------------------------------------------------------------------------------------------
<!DOCTYPE html><html>
<body><center>

<?php
echo '
<div class="date">', date('m/d/y'), '</div>';
$con = new mysqli('localhost', 'root', 'cookie', 'homedb');
if ($con->connect_error)
{ echo 'Cannot Connect to mySQL: ', $con->connect_error(); }
else
{
echo '
<label for="targetEmail">E-Mail Account:</label><br>
<select name="target">
<option value="">-- select --</option>';
$targets = $con->query('SELECT target FROM emailtbl');
while ($row = $targets->fetch_array(MYSQLI_ASSOC)) echo '
<option>', $row['target'], '</option>';
echo '
</select>
<input type="submit" name="submit" value="Submit">';
}
?>
</form>
</body></html>
<?php
$con = new mysqli('localhost', 'root', 'cookie', 'homedb');
if ($con->connect_error)
{ echo 'Cannot Connect to mySQL: ', $con->connect_error(); }
else
{
if (isset($_POST['target']))
{
$stmt = $con->prepare('
SELECT target, purpose, username, password, emailused, lastused, visit-count, time-visited, saved
FROM emailtbl
WHERE target = ? ');
$stmt->bindValue(1, $_POST['target']);
$stmt->execute();
if ($row = $stmt->fetch())
{
echo '
<table class="emailResults">
<caption>
Email Activity for ', htmlspecialchars($_POST['target']), '
</caption>
<thead>
<tr>
<th scope="col">Purpose</th>
<th scope="col">Username</th>
<th scope="col">Password</th>
<th scope="col">E-Mail Used</th>
<th scope="col">Last Used</th>
<th scope="col">visit count</th>
<th scope="col">time visited</th>
<th scope="col">Saved</th>
</tr>
</thead><tbody>';
do
{
echo '
<tr>';
foreach ($row as $value) echo '
<td>', $value, '</td>';
echo '
</tr>';
}
while ($row = $stmt->fetch());
echo '
</tbody></table>';
}
else echo '<div class="error">No Results Found</div>';
}
else echo '<div class="error">No valid "target" for Query</div>';
}
$stmt = $con->prepare('
UPDATE emailtbl
SET lastused = NOW(), visit-count = visit-count + 1,
time-visited = time-visited + 1
WHERE target = ? ');
$stmt->bindParam(s, $_POST['target']);
$stmt->execute();
echo $stmt->error ? '
<div class="error">
Lastused update query error: ' . $stmt->error . '
</div>
' : ( $stmt->affected_rows > 0 ? '
<div class="success">
Success! Updated ' . $stmt->affected_rows . ' records.
</div>
' : '
<div class="error">
FAILED! No records updated.
<div>
');
?>
</body></html>
=====================================================================================
below is the result
------------------------------------------------------------------------------------
', date('m/d/y'), ''; $con = new mysqli('localhost', 'root', 'cookie', 'homedb'); if ($con->connect_error) { echo 'Cannot Connect to mySQL: ', $con->connect_error(); } else { echo ' E-Mail Account:
'; } ?> connect_error) { echo 'Cannot Connect to mySQL: ', $con->connect_error(); } else { if (isset($_POST['target'])) { $stmt = $con->prepare(' SELECT target, purpose, username, password, emailused, lastused, visit-count, time-visited, saved FROM emailtbl WHERE target = ? '); $stmt->bindValue(1, $_POST['target']); $stmt->execute(); if ($row = $stmt->fetch()) { echo ' '; do { echo ' '; foreach ($row as $value) echo ' '; echo ' '; } while ($row = $stmt->fetch()); echo '
Email Activity for ', htmlspecialchars($_POST['target']), ' Purpose Username Password E-Mail Used Last Used visit count time visited Saved
', $value, '
'; } else echo '
No Results Found
'; } else echo '
No valid "target" for Query
'; } $stmt = $con->prepare(' UPDATE emailtbl SET lastused = NOW(), visit-count = visit-count + 1, time-visited = time-visited + 1 WHERE target = ? '); $stmt->bindParam(s, $_POST['target']); $stmt->execute(); echo $stmt->error ? '
Lastused update query error: ' . $stmt->error . '
' : ( $stmt->affected_rows > 0 ? '
Success! Updated ' . $stmt->affected_rows . ' records.
' : '
FAILED! No records updated.
'); ?>

Author:  Admin [ Mon Nov 11, 2019 8:21 am ]
Post subject:  Re: php prepared statements

Hi.

We see several problems in your code:

1)
Code:
<input type="submit" name="submit" value="Submit">';


You havn't a form in your code:

Code:
<form method="post" action="">
<label for="targetEmail">E-Mail Account:</label><br>
<select name="target">
<option value="">-- select --</option>';
= ->query('SELECT target FROM emailtbl');
while ( = ->fetch_array(MYSQLI_ASSOC)){ echo '
<option>'.['target']. '</option>';
}
echo '
</select>
<input type="submit" name="submit" value="Submit">
</form>';


2)
Code:
<option>', ['target'], '</option>';


There is a concatenation problem here:

Code:
<option>'.['target']. '</option>';


3) And You should add "value" attributes for options:

Code:
'<option value="'.['target'].'">'.['target']. '</option>';



Regards,
Codelobster Team.

Page 1 of 1 All times are UTC
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
http://www.phpbb.com/