How to insert a php variable into a database table with input?

Question

I can't figure out why my code isn't working. I'm trying to insert a dynamic variable to a table in my database with regular input in a form.

Like this, here is my query code:

if (isset($_POST['submit'])) {
            // Check if movie allready is added.
            $stmt = $dbh->prepare("SELECT * FROM watchlist WHERE movie_title='{$_POST['$title']}'");
            $stmt->bindParam(':movie_title', $_POST[$movie->title]);
            $stmt->execute();

            $rows = $stmt->fetchALL();
            $n = count($rows);

            if($n > 0){
            echo 'Du är redan peppad på filmen!';
            }


            $sql = $dbh->prepare("INSERT INTO watchlist(movie_title, movie_des, movie_link) 
                                 VALUES ('{$_POST['title']}', '{$_POST['description']}', '{$_POST['link']}'"); 
            $sql->bindParam(':title', $_POST['title']);
            $sql->bindParam(':description', $_POST['description']);
            $sql->bindParam(':link', $_POST['link']);
            $sql->execute();
            header("Location: ../index.php");
            exit;
        }

And here is my form:

$title = $movie->title;
    $description = $movie->description;
    $link = $movie->link;
    echo '<div class="view">';
    echo '<h3>' . $title . '</h3>';
    echo  $description . '<br/>';
    echo '<a href="'. $link . '" target="_blank">L&auml;s mer...</a><br/><br/>';
    echo '<a href="index.php">Tillbaka</a>';
    echo '<div class="form_dis"></div>';
    echo '<div class="form_content">';
    echo '<form action="queries/insert.php" method="post">',
         '<input type="hidden" name="title" value="$title">',
         '<input type="hidden" name="description" value="$description">',
         '<input type="hidden" name="link" value="$link">',
         '<input type="submit" name="submit" value="Peppa!">',
         '</form></div>';

I get send back to my index page but nothing has been added to the database and I just can't figure out why. Is there anything wrong with my code that I'm missing?

Use this answer to get the PDO error: http://stackoverflow.com/questions/3999850/pdo-error-message — ozahorulia, Feb 12 '14 at 13:12
Your binds don't match your column names. I.e.: `':title'` should be `':movie_title'` etc. — Funk Forty Niner, Feb 12 '14 at 13:15
@Fred-ii- I've tried that but still doesn't work. And @Hast I tried using the code `print_r($sql->errorInfo())` after my execute and took the header away, and got no error message, and I got the `PDO::ATTR_ERRMODE, PDO::ERRMODE_WARNING` in my dbconnection. — Bondenn, Feb 12 '14 at 13:16
Also try changing `'{$_POST['title']}'` to `'{$_POST[title]}'` etc. — Funk Forty Niner, Feb 12 '14 at 13:20
@Fred-ii- I tried changing it but still no luck. Error message is working now at least so I'll try to debug it. — Bondenn, Feb 12 '14 at 13:24
In addition, try `$stmt->execute(array(':movie_title' => $_POST['title'],':movie_des' => $_POST['description'],':movie_link' => $_POST['link']));` instead of `$sql->execute();` — Funk Forty Niner, Feb 12 '14 at 13:25
and change to `VALUES (:movie_title, :movie_des, :movie_link)` — Funk Forty Niner, Feb 12 '14 at 13:32
@Fred-ii- I tried it and it only says `Array ( [0] => [1] => [2] => )` and I'm clueless, I'll try googling it. — Bondenn, Feb 12 '14 at 13:32
I'll post an answer, it'll be easier that way. Give me a few minutes. Is it just the INSERT that's giving you a hard time? — Funk Forty Niner, Feb 12 '14 at 13:36
I made a mistake earlier about `$stmt->execute(array...` that should have been `$sql->execute(array...` by the way. — Funk Forty Niner, Feb 12 '14 at 13:38
@Fred-ii- Thank you, Yes I believe it's only the insert, I seem to always get the error `Array ( [0] => [1] => [2] => )`, and my database is still empty. Yeah I noticed that before and have changed it to $sql but still the same problem. — Bondenn, Feb 12 '14 at 13:39
Have a look at what I posted below, it's based on what I use myself. — Funk Forty Niner, Feb 12 '14 at 13:43
I edited my answer. I changed `$sql = $dbh->prepare($sql);` to `$sql = $dbh->prepare($sql_1);` Reload in case you seen it. And `$sql = "INSERT...` to `$sql_1 = "INSERT...` — Funk Forty Niner, Feb 12 '14 at 13:46

score 1 · Accepted Answer · answered Feb 12 '14 at 13:43

1

Give this a try:

if (isset($_POST['submit'])) {
    $sql_1 = "INSERT INTO watchlist (movie_title,
    movie_des,
    movie_link
    ) VALUES (
    :movie_title, 
    :movie_des, 
    :movie_link)";

    $sql = $dbh->prepare($sql_1);

    $sql->bindParam(':movie_title', $_POST['title']);
    $sql->bindParam(':movie_des', $_POST['description']);
    $sql->bindParam(':movie_link', $_POST['link']);
    $sql->execute(array(':movie_title' => $_POST['title'],':movie_des' => $_POST['description'],':movie_link' => $_POST['link']));

    if($sql != false) {
    echo "Success!";
    } else {
        echo "An error occured saving your data!";
    }

//  header("Location: ../index.php");
//  exit;
}

answered Feb 12 '14 at 13:43

Funk Forty Niner

74,450
15
68
141

This works, but the weird thing is that it inserts the actual variables in my database, and not the data the variable referring to. So instead of for example inserting "Batman the movie" to my database it's inserting $title. Guess this has nothing to do with the code I posted. It must be something else wrong with my application, bughunting it is... – Bondenn Feb 12 '14 at 13:49
Hm... I think it may have something to do with your hidden values `` etc. @Bondenn – Funk Forty Niner Feb 12 '14 at 13:50
Can you try changing `$sql->bindParam(':movie_title', $_POST['title']);` to `$sql->bindParam(':movie_title', $_POST['title'], PDO::PARAM_STR);` to see if it makes it kick in? @Bondenn and try removing the `value="$title"` also – Funk Forty Niner Feb 12 '14 at 13:52
I'll try this out and let you know! – Bondenn Feb 12 '14 at 13:55
Ok, let's cross our fingers ;-) @Bondenn – Funk Forty Niner Feb 12 '14 at 13:56
Hmm now I don't get the variables in the table, and the id is always 0, so before a row looked like this: 0, $title, $description, $link, and now it's just the "0". – Bondenn Feb 12 '14 at 13:58
1

Woho I fixed it! By changing the `value="$title"` to `value="'.$title.'"` :) – Bondenn Feb 12 '14 at 14:01
Can you try `$sql->bindParam(':movie_title', '{$_POST['title']}';` with the braces etc. @Bondenn – Funk Forty Niner Feb 12 '14 at 14:01
But I still get id "0". I guess I have to pass another hidden input with id in the form? – Bondenn Feb 12 '14 at 14:02
Heyyyyy right on!! Glad to hear it :) @Bondenn and yes probably. – Funk Forty Niner Feb 12 '14 at 14:02
You're very much welcome, was glad to help. It's always a good feeling when a solution has been found, cheers! @Bondenn – Funk Forty Niner Feb 12 '14 at 14:05

How to insert a php variable into a database table with input?

1 Answers1