0

I have problem in PHP. Insert is not working and I don't know why!

public function create($table,$fields =array()){
    $columns=implode(' ', array_keys($fields));
    $values=':'.implode(', :',array_keys($fields));
    $sql="INSERT INTO {$table} ({$columns}) VALUES ({$values}))";
    var_dump($fields);  

    if($stmt =$this ->pdo ->prepare($sql)){
        foreach ($fields as $key => $data) {
            $stmt ->bindValue(':' .$key,$data);
        }

        $stmt ->execute();

        return $this->pdo->lastInsertId(); 
    }
}

And the signup form is this:

$user_id=$getFromU->create('users', array(email => $email,'password'   =>md5($password),'screenName' => $screenName, 'profileImage' =>'assets/images/defaultProfileImages','profileCover' =>'asset/images/defaultCoverImages'));
$_SESSION['user_id']=$user_id;
header('Location:includes/signup.php?step=1');
krlzlx
  • 5,752
  • 14
  • 47
  • 55
Bedri Asllani
  • 1
  • 1
  • Note that your database is wide open for injection attack, please prepare those statements! http://bobby-tables.com – Loek Jun 05 '18 at 10:19
  • What are your error logs saying ? at least use quotes for email in signup form: array('email' => $email ... – FatFreddy Jun 05 '18 at 10:29
  • It doesnt show any error – Bedri Asllani Jun 05 '18 at 10:30
  • 3
    At the very least, you need to add some commas between your column names and remove the extra closing bracket around the SQL. See https://stackoverflow.com/questions/32648371/my-pdo-statement-doesnt-work for some debugging tips, including how to enable error reporting. [You might also want to look into some proper password hashing.](https://stackoverflow.com/questions/401656/secure-hash-and-salt-for-php-passwords) – iainn Jun 05 '18 at 10:34
  • Can you be more specific please. I have a school project so im not really an expert in php. – Bedri Asllani Jun 05 '18 at 11:21

0 Answers0