0

I found many answers about how to insert form data into mysql using PDO, also I found some answers related to insert data from an array like this one but actually my problem is related to the third question in my form for which I am not sure if I wrote the query in a correct way

This is my code but it give me this error:

PHP Parse error: syntax error, unexpected ';' in line ... (the line related to insert statement)

<?php
session_start();

if(isset($_POST['submit']))
{
 $_SESSION['q1'] = $_POST['q1'];
 $_SESSION['q2'] = $_POST['q2'];
 $_SESSION['q3'] = implode(',', $_POST['genre']);

 $q1 = mysql_real_escape_string($_SESSION['q1']);
 $q2 = mysql_real_escape_string($_SESSION['q2']);
 $q3 = mysql_real_escape_string($_SESSION['q3']);

 $conn = new PDO('mysql:dbname=Application;host=localhost;charset=utf8', 'user', 'xxxx');
 $conn->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
 $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
 $stmt = $conn->prepare('INSERT INTO test (q1, q2, q3) VALUES (:q1, :q2, :q3)');
 $stmt->execute(array(':q1' => $q1,':q2' => $q2,':q3' => ".$q3."));
 }

 catch(Exception $e) {
     echo 'Exception -> ';
     var_dump($e->getMessage());
  }

 header('Location: Thankyou.php');
   exit;
}
?>
Community
  • 1
  • 1
mOna
  • 2,341
  • 9
  • 36
  • 60

1 Answers1

1

First of all don't mix mysql with PDO, Also use try with catch exception and

change 

$stmt->execute(array(':q1' => $q1,':q2' => $q2,':q3' => ".$q3."));

to

$stmt->execute(array(':q1' => $q1,':q2' => $q2,':q3' => $q3));
Ram Sharma
  • 8,676
  • 7
  • 43
  • 56
  • Thanks for your help but I still receive the same error :( – mOna Sep 10 '14 at 12:35
  • Mona, I can bet that this code is workable. You have error anywhere else. Just put `exit` after execute and see that values goes in db or not. – Ram Sharma Sep 10 '14 at 12:47
  • soryy I just see the line you wrote about not mixing PDO with mysql.. I am reading how to do those lines with PDO, then I will try again and inform you , thanks – mOna Sep 10 '14 at 12:54
  • you don't need to do that in case of PDO. `bindparam` take care of that but you are binding array so you don't need to worry about it – Ram Sharma Sep 10 '14 at 12:54
  • sorry but I am a newbie and I am a little confused.. why I dont need to use bindparam like e.g this example? http://stackoverflow.com/questions/1314521/how-safe-are-pdo-prepared-statements?lq=1 – mOna Sep 10 '14 at 13:09
  • You can use the bindparam, I didn't say not to use it but you are using bind array in your case. – Ram Sharma Sep 10 '14 at 13:13
  • 1
    Thanks a lot, I just read some post related to bindparam abd PDO, now I understand better :), P.S, you won the bet! It works fine, the problem was missing a )before; :) – mOna Sep 10 '14 at 13:20
  • I did it , I don't know why it was disappeared!!! anyway sorry and thanks again for your help :) – mOna Sep 11 '14 at 12:11