SitePoint Sponsor

User Tag List

Results 1 to 3 of 3
  1. #1
    SitePoint Wizard
    Join Date
    Feb 2007
    Location
    Southern California
    Posts
    1,314
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)

    Confused about PDO and inserting SELECT values into form field

    I'm trying to follow Kevin Yank's Sitepoint book, PHP & MYSQL: Novice to Ninja. I'm hitting a snag. When creating a page with a form showing the row contents in <input> fields (so the viewer can edit the table row contents in case he made a mistake), and its submit button returns the same page for insertion, is this the right skeleton to follow when using PDO? I've voiced a few of my doubts below in comments (page numbers refer to edition 5 of book for my reference):

    Code:
    /* If user has edited the form and pressed the submit button, do the following up to the else{ statement: */
    <?php
    $pdo = // ... connection stuff...
    
    // p 125:
    if (isset($_POST['xxxx_id']))
    {
    if (isset($_POST['xxxx1']))
    if (isset($_POST['xxxx2']))
    // Do I need all of the above in order to declare the values, or only the first one? 
    
    // (There's no "UPDATE ... SET" example in the book; follow same process as in INSERT?)
    try
    {
    $sql = "UPDATE ... SET
    xxxx1 = :xxxx1,
    xxxx2 = :xxxx2
    WHERE xxxx_id = :xxxx_id
    ";
     $s = $pdo->prepare($sql);
     $s->bindValue(':xxxx1', $_POST['xxxx1']);
     $s->bindValue(':xxxx2', $_POST['xxxx2']);
     $s->execute();
    }
    
    catch (PDOException $e)
    {
    echo 'Error performing update: ' . $e->getMessage();
    exit();
    }
    
    echo 'Success! <a href="Provide link"> to another page.</a>'
    } // end if isset
    
    
    
    
    /* If submit button hasn't been pressed, show the form with fields filled out. */
    // p 129: 
    
    
    
    else
    {
    if (isset($_POST['xxxx_id']))
    if (isset($_POST['xxxx1']))
    if (isset($_POST['xxxx2']))
    // Do I need all of the above in order to declare the values, or only the first one? 
    
    try
    {
    $sql = "SELECT ...
    xxxx1 = :xxxx1,
    xxxx2 = :xxxx2
    FROM ...
    WHERE xxxx_id = :xxxx_id
    ";
    $result = $pdo->query($sql);
    }
    
    catch (PDOException $e)
    {
    echo 'Error performing select statement: ' . $e->getMessage();
    exit();
    }
    
    while ($row = $result->fetch())
    {
    $tabledata[] = $row['xxxx1'];
    $tabledata[] = $row['xxxx2'];
    }
    
    /* ... NOT SURE WHAT GOES HERE TO FILL IN THE FOLLOWING FORM ... */
    
    <form action="<?php echo $_SERVER['PHP_SELF']; ?>?xxxx_id=<?php echo $xxxx_id; ?>" method="post">
    <label>Name: <input type="text" name="xxxx1" value="<?php echo htmlspecialchars($xxxx1, ENT_QUOTES, 'UTF-8') ?>"></label>
    <label>Address: <input type="text" name="xxxx2" value="<?php echo htmlspecialchars($xxxx2, ENT_QUOTES, 'UTF-8') ?>"></label>
    
    <input type="submit" value="Submit Changes">
    </form>
    
    } // end else
    ?>
    Steve Husting

  2. #2
    SitePoint Wizard
    Join Date
    Feb 2007
    Location
    Southern California
    Posts
    1,314
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Probably the if issets should be:

    Code:
    if (isset($_POST['xxxx_id']))
    	$xxxx_id = htmlspecialchars($xxxx_id, ENT_QUOTES, 'UTF-8');
    if (isset($_POST['xxxx1']))
    	$xxxx1 = htmlspecialchars($xxxx1, ENT_QUOTES, 'UTF-8');
    if (isset($_POST['xxxx2']))
    	$xxxx2 = htmlspecialchars($xxxx2, ENT_QUOTES, 'UTF-8');
    Steve Husting

  3. #3
    SitePoint Wizard
    Join Date
    Feb 2007
    Location
    Southern California
    Posts
    1,314
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    This has been resolved.
    Steve Husting


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •