<p>I personally would write this as so:</p>
<pre><code>if (isset($_GET['id'])) {
    $id = $_GET['id'];
    $data = $article-&gt;fetch_data($id);

    if (isset($_POST['title'], $_POST['content'])) {
        $title = $_POST['title'];
        $content = nl2br($_POST['content']);

        if (empty($title) or empty($content)) {
            $error = 'All fields are required!';
        } else {
            // Every user-supplied value, including the id, goes through a bound placeholder.
            $sql = "UPDATE articles SET article_title = :title, article_content = :content, article_timestamp = :timestamp WHERE article_id = :id";
            $query = $pdo-&gt;prepare($sql);
            $query-&gt;bindValue(":title", $title);
            $query-&gt;bindValue(":content", $content);
            $query-&gt;bindValue(":timestamp", time());
            $query-&gt;bindValue(":id", $id);

            // Default to failure so $result is defined even if execute() throws.
            $result = false;
            try {
                $result = $query-&gt;execute();
            } catch (PDOException $e) {
                echo $e-&gt;getCode() . " - " . $e-&gt;getMessage();
            }

            if ($result) {
                header('Location: index.php');
                exit; // stop the script once the redirect header is sent
            }
        }
    }
}
</code></pre>
<p>This is just my preferred way. If you are taking user input (which I'm assuming you are, from the <code>$_GET['id']</code>), then you should pass the bind of the ID as well to help you even further protect from SQL injection. Also the way I learned PDO was by binding my variables with the " : ". Can't say I've really ever seen anyone use the ? when dealing in PDO, but then again I'm more of a solo dev guy.</p>
<p>Anyway that should give you what you need.</p>
<p><strong>Edit:</strong> One more thing I forgot to mention. Add the <code>$result = $query-&gt;execute();</code> because PDO will return true if the statement is successful and false if it is not. So you can redirect to a different page or re-show the form with a flash message etc.</p>
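The bound-id UPDATE from the answer above, as an added example that is not part of the original post: it runs the same statement with named and with positional placeholders against an in-memory SQLite table and reports how many rows each call changed, including for a tampered id. The table contents, the helper names `update_named` and `update_positional`, and the `$hostile` value are assumptions constructed for illustration.

```php
<?php
// Added example: constructed in-memory table, not data from the original post.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE articles (
    article_id INTEGER PRIMARY KEY,
    article_title TEXT,
    article_content TEXT,
    article_timestamp INTEGER)');
$pdo->exec("INSERT INTO articles VALUES (1, 'First', 'a', 0), (2, 'Second', 'b', 0)");

// Hypothetical helper: the answer's UPDATE with every value bound by name.
function update_named(PDO $pdo, string $id, string $title, string $content): int
{
    $query = $pdo->prepare(
        'UPDATE articles SET article_title = :title, article_content = :content,
         article_timestamp = :timestamp WHERE article_id = :id');
    $query->bindValue(':title', $title);
    $query->bindValue(':content', $content);
    $query->bindValue(':timestamp', time(), PDO::PARAM_INT);
    $query->bindValue(':id', $id);
    $query->execute();         // with ERRMODE_EXCEPTION a failure throws PDOException
    return $query->rowCount(); // rows changed; a successful execute() can still change none
}

// Hypothetical helper: the same statement with positional "?" placeholders.
function update_positional(PDO $pdo, string $id, string $title, string $content): int
{
    $query = $pdo->prepare(
        'UPDATE articles SET article_title = ?, article_content = ?,
         article_timestamp = ? WHERE article_id = ?');
    $query->execute([$title, $content, time(), $id]); // values bound in placeholder order
    return $query->rowCount();
}

// Constructed stand-in for a tampered $_GET['id']; bound, it is one value, never SQL.
$hostile = '1 OR 1=1';

printf("named, id=1:            %d row(s)\n", update_named($pdo, '1', 'Edited', 'x'));
printf("positional, id=2:       %d row(s)\n", update_positional($pdo, '2', 'Edited too', 'y'));
printf("named, tampered id:     %d row(s)\n", update_named($pdo, $hostile, 'changed', 'z'));
printf("positional, tampered id: %d row(s)\n", update_positional($pdo, $hostile, 'changed', 'z'));
```

Checking `rowCount()` in addition to the result of `execute()` distinguishes "statement ran" from "an article was actually updated", which is the condition a redirect or flash message usually depends on.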
 
