PHP UPDATE prepared statement

by 
$stmt = $this->mysqli->prepare("UPDATE datadump SET content=? WHERE id=?");
/* BK: always check whether the prepare() succeeded */
if ($stmt === false) {
  trigger_error($this->mysqli->error, E_USER_ERROR);
  return;
}
$id = 1;
/* Bind our params */
/* BK: variables must be bound in the same order as the params in your SQL.
 * Some people prefer PDO because it supports named parameter. */
$stmt->bind_param('si', $content, $id);

/* Set our params */
/* BK: No need to use escaping when using parameters, in fact, you must not, 
 * because you'll get literal '\' characters in your content. */
$content = $_POST['content'] ?: '';

/* Execute the prepared Statement */
$status = $stmt->execute();
/* BK: always check whether the execute() succeeded */
if ($status === false) {
  trigger_error($stmt->error, E_USER_ERROR);
}
printf("%d Row inserted.\n", $stmt->affected_rows);

Re your questions:

I get a message from my script saying 0 Rows Inserted

This is because you reversed the order of parameters when you bound them. So you’re searching the id column for the numeric value of your $content, which is probably interpreted as 0. So the UPDATE’s WHERE clause matches zero rows.

do I need to declare all the fields or is it ok to just update one field??

It’s okay to set just one column in an UPDATE statement. Other columns will not be changed.

More Related Contents:

  1. Use an array in a mysqli prepared statement: `WHERE .. IN(..)` query [duplicate]
  2. Call to a member function bind_param() on a non-object [duplicate]
  3. mysqli_stmt::bind_result(): Number of bind variables doesn’t match number of fields in prepared statement
  4. How to use mysqli prepared statements?
  5. MySQLi prepared statements error reporting [duplicate]
  6. Example of how to use bind_result vs get_result
  7. How to bind mysqli bind_param arguments dynamically in PHP?
  8. Call to a member function prepare() on a non-object PHP Help
  9. mysqli: can it prepare multiple queries in one statement?
  10. Build SELECT query with dynamic number of LIKE conditions as a mysqli prepared statement
  11. mysqli_stmt::bind_param(): Number of elements in type definition string doesn’t match number of bind variables
  12. using nulls in a mysqli prepared statement
  13. mySQLi prepared statement unable to get_result()
  14. MySQLi prepared statements with IN operator [duplicate]
  15. Is mysql_real_escape_string() necessary when using prepared statements?
  16. Using fetch_assoc on prepared statements
  17. store_result() and get_result() in mysql returns false
  18. Using wildcards in prepared statement – MySQLi
  19. bind_param Number of variables doesn’t match number of parameters in prepared statement
  20. How to prepare statement for update query? [duplicate]
  21. Using wildcards in prepared statement
  22. Mysqli Prepare Statement – Returning False, but Why? [duplicate]
  23. How to run the bind_param() statement in PHP?
  24. Is using prepared statements necessary? [duplicate]
  25. Using Prepared Statement, how I return the id of the inserted row?
  26. Should I use mysqli_real_escape_string or should I use prepared statements? [duplicate]
  27. Dynamically bind mysqli_stmt parameters and then bind result
  28. Check to see if an email is already in the database using prepared statements
  29. inserting information and image in php and mysql
  30. mysqli query results to show all rows

Leave a Comment