MySQLi update prepared statement not updating data

So I have this update statement which when I dump the $_POST variables., I get the outputs I want.

 $stmt = $dbConnectionW->prepare("UPDATE members SET 
                          fname='". mysqli_real_escape_string($dbConnectionW, $_POST['fname']) ."',
                          sname='". mysqli_real_escape_string($dbConnectionW, $_POST['sname']) ."',
                          gender='". mysqli_real_escape_string($dbConnectionW, $_POST['gender']) ."',
                          nationality='". mysqli_real_escape_string($dbConnectionW, $_POST['nation']) ."',
                          year='". mysqli_real_escape_string($dbConnectionW, $_POST['year']) ."',
                          dep1='". mysqli_real_escape_string($dbConnectionW, $_POST['dep1']) ."',
                          dep2='". mysqli_real_escape_string($dbConnectionW, $_POST['dep2']) ."',
                          f_pos='". mysqli_real_escape_string($dbConnectionW, $_POST['f_pos']) ."',
                          f_region='". mysqli_real_escape_string($dbConnectionW, $_POST['f_region']) ."',
                          exp_comp='".$comp."',
                          exp_dep='".$comp_dep."',
                          shareinfo='".$shareinfo."',
                          interest='".$interest."',
                          userconfirm = '1'
                              WHERE confirmcode = '".$passkey."';");
              $stmt->execute(); 
              if (!$stmt)
              {
              die('Error: ' . mysqli_error($dbConnectionW));
              }
              $smst-> close(); }}} mysqli_close($dbConnectionW);
      }

Basically the issue is that it won't update the database! It works with no errors, but the database does not get updated after this sql/php attempt.

Can anyone see anything wrong with my code? What are some possible causes for why my would my database not be updated? I've been starting at this for the past hour.

标签： php mysql database mysqli prepared-statement

1条回答

Ridiculous、

2楼-- · 2019-07-16 02:44

You don't need to escape your variables in a prepared statement, instead you should bind your variables before executing the statement. Also the column names should be inside ` marks.

$stmt = $dbConnectionW->prepare("UPDATE members SET 
                      `fname`=?,
                      `sname`=?,
                      `gender`=?,
                      `nationality`=?,
                      `year`=?,
                      `dep1`=?,
                      `dep2`=?,
                      `f_pos`=?,
                      `f_region`=?,
                      `exp_comp`=?,
                      `exp_dep`=?,
                      `shareinfo`=?,
                      `interest`=?,
                      `userconfirm`=?
                          WHERE `confirmcode`=?");
$stmt->bind_param('ssssissssssssis',$_POST['fname'],$_POST['sname'],$_POST['gender'],...);          
$stmt->execute();

I haven't included all the bound parameters for brevity.

Hope this helps.

0人赞添加讨论(0) 举报

MySQLi update prepared statement not updating data

采纳回答

编辑标签

举报内容

检举类型

检举原因

检举说明(必填)

打开微信“扫一扫”，打开网页后点击屏幕右上角分享按钮

付费偷看金额在0.1-10元之间