0

I'm trying create a profile page for a web application I'm building, and I have the profile page built out, and it pulls their data out of the database fine. When I try to update the information is where I have trouble.

It should only update the row that matches the current logged in member's username. This is what I have so far:

I pull the data from the form:

$phpro_email = filter_var($_POST['phpro_email'], FILTER_SANITIZE_STRING);
$phpro_fname = filter_var($_POST['phpro_fname'], FILTER_SANITIZE_STRING);
$phpro_lname = filter_var($_POST['phpro_lname'], FILTER_SANITIZE_STRING);

I connect to the database:

$dbh = new PDO("mysql:host=$mysql_hostname;dbname=$mysql_dbname", $mysql_username, $mysql_password);
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

And I try to update the correct row using UPDATE three columns in my table name which is phpro_users and I specify the row using WHERE phpro_username is equal to the value of the current logged in users.

$stmt = $dbh->prepare("UPDATE phpro_users SET phpro_fname = :phpro_fname, phpro_lname = :phpro_lname, phpro_email = :phpro_email WHERE phpro_username = :phpro_username");
$stmt->bindParam(':phpro_username', $phpro_username);
$stmt->bindParam(':phpro_fname', $phpro_fname, PDO::PARAM_STR);
$stmt->bindParam(':phpro_lname', $phpro_lname, PDO::PARAM_STR);
$stmt->bindParam(':phpro_email', $phpro_email, PDO::PARAM_STR);

$stmt->execute();

When I click submit on the form with this script as it's action and it's method=post I just get a blank white screen. Any ideas on what I'm doing wrong?

Improve this question
0

2 Answers 2

Reset to default
3

Change 

$stmt->bindParam(':phpro_username', $phpro_username);

to

$stmt->bindParam(':phpro_username', $phpro_username, PDO::PARAM_STR);

It may be defaulting to something strange, best to force it to a value.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

I'm a man of my words ;) good show. That one was a head scratcher.
0

Try changing your SQL to use proper UPDATE syntax

UPDATE phpro_users SET
    phpro_fname = :phpro_fname, 
    phpro_lname = :phpro_lname, 
    phpro_email = :phpro_email
WHERE phpro_username = :phpro_username

You also don't need to use filter_var() since you're using prepared statements

Improve this answer

7 Comments

I updated my code above to reflect your suggestions, and I'm still having the same problem. Any ideas?
Can you post more of your code then? It sounded like your SQL statement was failing but if more is happening we're going to need more details
The only other code is the HTML form itself? That's all I've got in terms of PHP. Do you want me to post the form?
No, that wouldn't be your problem. Try doing print_r($dbh->errorInfo()); after your execute() and see if it shows anything
This is the result: Array ( [0] => 00000 [1] => [2] => )
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.