Search & Update table using 2 variables

时间:2015-09-01 21:37:48

标签: mysqli

Please help me out with this. I am learning using w3s & stackoverflow support which I really appreciate. I am learning MySQLi now. I was able to set up table on wamp server. The table has 5 columns for UserId, Password, Telephone, email and Program. The 1st time a user logs on, the userid & password are inserted in the table. This works fine. The user is free to log out & return later to continue. Next, the user provides Telephone, email & program info. The task now is to search the table for this user using the UserId & Password provided to update the Telephone, email and Program columns. I have problem achieving this. Below my doc, syntax etc.

<form method="post" action="stackhelpupdate.php">
<b>User Id:<b><br>
<input name="userid" type="text" required pattern="[A-Za-z0-9.-_]{5,10}"> 
<br>
<b>Password:<b><br>
<input name="userpswd" type="password" required pattern="[A-Za-z0-9&*] 
{8,20}"><br>
<b>Telephone* </b><br>
<input type="text" name='myfone' required pattern="[0-9+]{5,15}"><br>
<b>e-mail Address*<b><br>
<input type="email" name='myemail' required pattern="[A-Za-z0-9@.-_]{5,30}">
<br>
<b>Program* </b><br>
<input type="text" name='myprog' pattern="[A-Za-z0-9]{3,10}"><br>
<p><b><i>Review all your inputs above. When you are satisfied, click 
Submit</p></b></i>
<input id="submit" type="submit" value="Submit">
</form>

This form successfully post to stackhelpupdate.php which is like this:

<table id="usercontact">
<tbody>
<tr>
<th class="hdr">Telephone</td>
<td><input type="text" name='myfone' readonly value="<?php echo $myfone;?>">   
</td>
</tr>
<tr>
<th class="hdr">email</td>
<td><input type="text" name='myemail' readonly value="<?php echo $myemail;?
>"></td>
</tr>
<tr>
<th class="hdr">Program</td>
<td><input type="text" name='myprog' readonly value="<?php echo $myprog;?>">   
</td>
</tr>
</tbody>
</table>
<br>
<form action="next.php" method="post">
<input id='submit' type="submit" value="Next">

Note that I have structured this way for learning purpose only. Code for server end is this:

<?php
$servername = "localhost";
$username = "user";
$password = "hellosir";
$dbname = "mydB";
$conn = mysqli_connect($servername, $username, $password, $dbname);
if (!$conn) {
    die("Connection failed: " . mysqli_connect_error());
}
$userid = test_input($_POST["userid"]);
$userpswd = test_input($_POST["userpswd"]);
$myfone = test_input($_POST["myfone"]);
$myemail = test_input($_POST["myemail"]);
$myprog = test_input($_POST["myprog"]);
function test_input($data) {
    $data = trim($data);
    $data = stripslashes($data);
    $data = htmlspecialchars($data);
    return $data;
}
$sql="UPDATE `mytbl` SET `Telephone`=".$_POST['myfone'].",`email`=".$_POST['myemail'].",`Program`=".$_POST['myprog']." WHERE `UserId`=.$userid. AND `Password`=.$userpswd.";
if (mysqli_query($conn, $sql)) {
    echo "User data saved successfully";    
} else {
    echo "Error saving your data " . mysqli_error($conn);
}
mysqli_close($conn);
?>

I got the following error:

Error saving usercontact data You have an error in your SQL syntax; check   
the manual that corresponds to your MySQL server version for the right  
syntax to use near `Telephone`=0802301' at line 1

I have also tried Prepared Statement below which also failed:

$conn->query("update mytbl SET Telephone = ?, email = ?, Program = ? WHERE  
UserId = ? AND Password = ?"); 
$conn->bindParam("sssss", $myfone, $myemail, $myprog, $userid, $userpswd); 
$conn->execute();

I got the error:

Fatal error: Call to undefined method mysqli::bindParam() in   
C:\wamp\www\stackhelpupdate.php on line 66

1. Please help me identify my errors. 2. I think my major problem is the insufficient examples in w3s. Any other useful sites for PHP & SQL. 3. Apart from PHP, is there a javascript method to work also on tables in database. Appreciate all efforts.

2 个答案:

答案 0 :(得分:0)

Your prepared statement codes are wrong. Please look at following example.

$conn = new mysqli($servername, $username, $password, $dbname);

// Check connection
if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);
}

// prepare and bind
$stmt = $conn->prepare("INSERT INTO MyGuests (firstname, lastname, email) VALUES (?, ?, ?)");
$stmt->bind_param("sss", $firstname, $lastname, $email);

// set parameters and execute
$firstname = "John";
$lastname = "Doe";
$email = "john@example.com";
$stmt->execute();

You need to cover your codes as follow.

$conn->prepare("update mytbl SET Telephone = ?, email = ?, Program = ? WHERE  
UserId = ? AND Password = ?"); 
$conn->bind_param("sssss", $myfone, $myemail, $myprog, $userid, $userpswd); 
$conn->execute();

答案 1 :(得分:0)

以下准备好的声明可以正常使用:

$stmt = $conn->prepare("update mytbl SET Telephone = ?, email = ?, Program = 
? WHERE  UserId = ? AND Password = ?"); 
$stmt->bind_param("sssss", $myfone,  $myemail, $myprog, $userid, $userpswd);
$stmt->execute();