Jump to content
Larry Ullman's Book Forums

Oop Prepared Statement (Update)


Recommended Posts

I am not sure how to write the code for a OOP prepared UPDATE statement or how to write bind params? Does anyone know how to do it for the set of code i have below.

 

$q = "UPDATE user SET username=$username, password=$password, activation_code=NULL, registration_date=NOW() WHERE (email=$email AND activation_code=$activation_code) LIMIT 1";

// Prepare the statement:
$stmt = $mysqli->prepare($q);
// Bind the variables:
$stmt->bind_param('ss', $email, $activation);
// Execute the query:
$stmt->execute();

 

I have an error showing on my script now: Fatal error: Call to a member function bind_param() on a non-object

 

I thought prepared statements would be better on INSERTS only or am i wrong, i thought they were more secure than just using regular statements. But i think if you have already INSERTED the data with a prepared statement is it necessary?

Link to comment
Share on other sites

Still stuck with this

 

$q = "UPDATE user SET username=?, password=?, activation_code=?, registration_date=? WHERE (email=? AND activation_code=?) LIMIT 1";

 

//$q = "UPDATE user SET username=$username, password=$password, activation_code=NULL, registration_date=NOW() WHERE (email=$email AND activation_code=$activation_code) LIMIT 1";

 

$stmt->bind_param('ssssss', $username, $password, NULL, NOW(), $email, $activation_code);

 

My bind statement is not working, i can't find much example online of how to do this kind of statement, anyone have any idea? How to handle the NULL and NOW()?

Link to comment
Share on other sites

Realised i made a mistake on some of the syntax,

 

$q = "UPDATE user SET username='$username', pass='$password', activation_code=NULL, registration_date=NOW() WHERE (email='$email' AND activation_code='$activation_code') LIMIT 1";

 

Here is my statement so how to set this up in oop prepared statements, can't find anything to help me with this? Ive written the code without prepared statements and it works so query is correct but i would really like to know how to get this statement as prepared, any ideas?

Link to comment
Share on other sites

Hahahaha, it's working, it's working i used

 

$q = "UPDATE user SET username=?, pass=?, activation_code=NULL, registration_date=NOW() WHERE (email=? AND activation_code=?) LIMIT 1";

$stmt = $mysqli->prepare($q);

$stmt->bind_param('ssss', $username, $password, $email, $activation_code);

$stmt->execute();

 

;)

Link to comment
Share on other sites

 Share

×
×
  • Create New...