delete into table1 not producing an error

Question

I have the following script, which should be producing errors, but it does not:

<?php
    error_reporting( E_ALL | E_STRICT );
    ini_set('display_errors', 1);
?>

<html>
    <head>
        <title></title>
        <link rel="icon" type="image/png" href="favicon.ico">

        <?php
            $err = array();

            if( $_SERVER['REQUEST_METHOD']=='POST' ) {
                if( empty( $_POST['display_name'] ) ) $err[] = "display name field is required";
                if( empty( $_POST['email'] ) ) $err[] = "email field is required";
                if( empty( $_POST['password'] ) ) $err[] = "password field is required";

                if( !$err ) {
                    try {
                        $DBH = new PDO( "mysql:host=localhost;dbname=database1", "user", "pass" );
                        $DBH -> setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );

                        $STH = $DBH -> prepare( "delete into table1 (display_name, email, password) values ( :display_name, :email, :password )" );

                        $STH -> bindParam( ':display_name', $_POST['display_name'], PDO::PARAM_STR, 100 );
                        $STH -> bindParam( ':email', $_POST['email'], PDO::PARAM_STR, 100 );
                        $STH -> bindParam( ':password', $_POST['password'], PDO::PARAM_STR, 100 );

                        $STH -> execute();

                        $STH = $DBH -> prepare( "delete into table2 ( username, status, users_id ) values ( :username, :status, :users_id )" );

                        $strStatus = 1;

                        $STH -> bindParam( ':username', $_POST['display_name'], PDO::PARAM_STR, 100 );
                        $STH -> bindParam( ':status', $strStatus, PDO::PARAM_INT, 1 );
                        $STH -> bindParam( ':users_id', $_POST['referer'], PDO::PARAM_INT, 1 );

                        $STH -> execute();

                        $DBH = null;
                    } catch( PDOException $e ) {
                        echo $e -> getMessage();
                    }

                    header( "Location: ".$_SERVER['PHP_SELF'] );
                    exit;
                } else {
                    foreach( $_POST as $key => $val ) {
                        $form[$key] = htmlspecialchars($val);
                    }
                }
            } else {
                $form['display_name'] = $form['email'] = $form['password'] = '';
            }
        ?>
    </head>

    <body>
        <?php foreach( $err as $line ) { ?>
        <div style="error"><?php echo $line; ?></div>
        <?php } ?>

        <h1>register</h1>

        <form method="post">
            referers id:<br />
            <input type="text" name="referer" /><br /><br />

            name:<br />
            <input type="text" name="display_name" value="<?php echo $form['display_name']; ?>" /><br /><br />

            email:<br />
            <input type="text" name="email" value="<?php echo $form['email']; ?>" /><br /><br />

            password:<br />
            <input type="text" name="password" value="<?php echo $form['password']; ?>" /><br /><br />

            <input type="submit" value="register" />
        </form><br /><br />

        or register with one of your existing accounts:<br /><br />

        facebook<br /><br />

        google
    </body>
</html>

Look at the 2 SQL queries...

I see nothing [in the MySQL manual](http://dev.mysql.com/doc/refman/5.0/en/delete.html) that permits the syntax `DELETE INTO`... — Charles, Mar 26 '11 at 05:16
That is the point, I was trying to produce a deliberate error to make sure the error messages are working. — oshirowanen, Mar 26 '11 at 07:56

score 0 · Answer 1 · edited May 23 '17 at 09:58

0

I don't think execute() will raise an Exception (please if I'm wrong, someone correct me).

It will send the prepared statement (query) to the database and return TRUE or FALSE, depending on success.

You can check that returned value and echo $STH -> error to see the MySQL error message. Something like this:

$success = $STH -> execute();

if (! $success) 
    echo $STH -> error

Check this similar problem: MySQLi prepared statements error reporting

edited May 23 '17 at 09:58

Community

1
1

answered Mar 25 '11 at 22:30

ypercubeᵀᴹ

113,259
19
174
235

I think it has something to do with the header location and exit;. – oshirowanen Mar 25 '11 at 22:32
Yes, I don't understand the logic behind the `exit;` there. Perhaps there is misplacement of a curly brace or the exit. – ypercubeᵀᴹ Mar 25 '11 at 22:43

score 0 · Accepted Answer · answered Mar 26 '11 at 07:57

0

Got it working by moving the header location and exit lines above the catch after the db null line.

answered Mar 26 '11 at 07:57

oshirowanen

15,297
82
198
350

that's why catching action should contain something more sensible than just echo – Your Common Sense Mar 26 '11 at 08:24

delete into table1 not producing an error

2 Answers2