Question

I tried to make an update query but I don't know how to do it. Here is what I thought may work but it didn't. I only need help with the SQL query.

<?php
session_start();
include_once ('../includes/connection.php');
include_once ('../includes/article.php');
$artikel = new Artikel;
if (isset($_SESSION['logged_in'])) {
    if (isset($_GET['id'])) {
        $titel = $_POST['titel'];
        $indhold = $_POST['indhold'];
        $id = $_GET['id'];
        $query = $pdo->prepare('UPDATE artikler SET artikel_titel = "?", artikel_indhold = "?", sidst_opdateret = "?" WHERE artikel_id = ?');
        $query->bindValue(1, $titel);
        $query->bindValue(2, $indhold);
        $query->bindValue(3, time());
        $query->bindValue(4, $id);
        $query->execute();
        header('location: index.php');
    }
    $artikler = $artikel->fetch_all();
    if (empty($titel) or empty($indhold)) {
        $error = 'Alle felter skal udfyldes';
    } else {
        $query = $pdo->prepare('INSERT INTO artikler (artikel_titel, artikel_indhold, sidst_opdateret) VALUES (?, ?, ?)');
        $query->bindValue(1, $titel);
        $query->bindValue(2, $indhold);
        $query->bindValue(3, time());
        $query->execute();
        header('location: index.php');
    }
?>
<html>
<head>
<meta charset="UTF-8">
    <title>Ændre side</title>
    <link rel="stylesheet" href="../assets/style.css">
    <link rel="shortcut icon" href="/billeder/book.png">
</head>
<body>
<div class="container">

    <h4>Ændre side</h4>
    <br>
  <form action="edit.php" method="get">
    <select name="id">
    <?php foreach($artikler as $artikel) { ?>
    <option value="<?php echo $artikel['artikel_id']; ?>">
    <?php echo $artikel['artikel_titel']; ?>
    </option>
    <?php } ?>
    </select>
    <br>
    <input type="text" name="titel" placeholder="Ny Titel">
    <br>
        <textarea name="indhold" cols="50" rows="15" placeholder="Indhold"><?php echo $artikel['artikel_indhold']; ?></textarea>
<br>
<input type="submit" value="Ændre">
  </form>
  <a href="index.php" id="logo">&larr;Tilbage</a>
</div>
</body>
</html>
<?php
} else {
    header('location: index.php');
}
?>

Solution

Your prepared statements are incorrect. You do NOT quote the placeholders. e.g.

INSERT INTO foo (bar) VALUES ('?')
                              ^-^--- incorrect

You do

INSERT INTO foo (bar) VALUES (?)

instead. The DB engine will take care of all quoting for you.

OTHER TIPS

Try removing the ' and " around the ?:

$query = $pdo->prepare('UPDATE artikler SET artikel_titel = ?, artikel_indhold = ?, sidst_opdateret = ? WHERE artikel_id = ?');
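The difference between quoted and unquoted markers, shown as an added example that is not code from the question or from either answer. It assumes the pdo_sqlite driver with an in-memory table as a stand-in for the asker's database; `run_update` and the sample values are hypothetical.

```php
<?php
// Added example. Constructed in-memory table standing in for the asker's `artikler`.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); // surface failures
$pdo->exec('CREATE TABLE artikler (artikel_id INTEGER PRIMARY KEY,
    artikel_titel TEXT, artikel_indhold TEXT, sidst_opdateret INTEGER)');
$pdo->exec("INSERT INTO artikler VALUES (1, 'Gammel titel', 'Gammelt indhold', 0)");

// Hypothetical helper: prepare $sql, bind $values to markers 1..n, execute,
// then return row 1 as stored, or the driver's error message on failure.
function run_update(PDO $pdo, $sql, array $values)
{
    try {
        $stmt = $pdo->prepare($sql);
        foreach (array_values($values) as $i => $value) {
            $stmt->bindValue($i + 1, $value); // positional markers are 1-based
        }
        $stmt->execute();
    } catch (PDOException $e) {
        return 'FAILED: ' . $e->getMessage();
    }
    return $pdo->query('SELECT artikel_titel, artikel_indhold FROM artikler
                        WHERE artikel_id = 1')->fetch(PDO::FETCH_ASSOC);
}

$quoted   = "UPDATE artikler SET artikel_titel = '?', artikel_indhold = '?' WHERE artikel_id = ?";
$unquoted = 'UPDATE artikler SET artikel_titel = ?, artikel_indhold = ? WHERE artikel_id = ?';
$titel    = "Peter's \"nye\" titel"; // constructed input containing both quote characters
$indhold  = "Indhold'; -- ";         // constructed input

// 1. Quoted markers, three values: only the last ? is a real marker, so the
//    number of bound values does not match and the statement is rejected.
var_dump(run_update($pdo, $quoted, [$titel, $indhold, 1]));

// 2. Quoted markers, one value for the one real marker: the statement runs,
//    but both columns receive the literal one-character string "?".
var_dump(run_update($pdo, $quoted, [1]));

// 3. Unquoted markers: the values travel separately from the SQL text and are
//    stored byte for byte, quote characters included.
var_dump(run_update($pdo, $unquoted, [$titel, $indhold, 1]));
```

Setting `PDO::ERRMODE_EXCEPTION` is what makes the first case visible; in silent error mode the same mismatch only shows up as `execute()` returning `false`.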
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow