Previously, we looked at how to read data from a MySQL database, using PDO. So, how do you add records and update them?
Let’s start with how to add a record …
<?php // What are we inserting into the database table? $FirstName = 'Steve'; $LastName = 'Ollinger'; $Username = 'sollinger'; // Create a DSN for MySQL // (Syntax: 'mysql:host=[server];dbname=[database]') $MySQLDSN = 'mysql:host=localhost;dbname=TestDatabase'; try { // Create a new (MySQL) PDO object // (Syntax: 'PDO([DSN], [UserName], [Password]') $db = new PDO($MySQLDSN, 'TestUser', 'TestPassword'); // What is your intended query? $sql = 'insert into users (vcFirstName,vcLastName,vcUsername) values (:FirstName,:LastName,:Username)'; // Prepare the statement $query = $db->prepare($sql); // Execute the statement $query->execute(array(':FirstName'=>$FirstName, ':LastName'=>$LastName, ':Username'=>$Username)); // Store any resulting errors $errorInfo = $db->errorInfo(); // If there were any errors, assign them to the error variables if (isset($errorInfo[2])){ $error = $errorInfo[2]; } } catch (PDOException $e) { // Catch any PDO exceptions $error = $e->getMessage(); } // Did an error occur during the above operation? if (isset($error)) { // Display the error echo $error; } else { // Indicate that all went well echo 'OK'; } ?>
As you can see, above, it looks very similar to our demo for ‘Using PDO to query a database’. There are a few new things, though. We are using prepare() to get a statement object. We then use execute() to execute the prepared statement.
So, now that we have added a new record, how do we update a preexisting record? As you would expect, you can use the same syntax as above but let’s check out an alternate syntax.
<?php // What is the new data for Steve's record? $FirstName = 'Steven'; $LastName = 'Ollinger'; $Username = 'ollinger'; // What record are we updating? $id = 6; // Create a DSN for MySQL // (Syntax: 'mysql:host=[server];dbname=[database]') $MySQLDSN = 'mysql:host=localhost;dbname=TestDatabase'; try { // Create a new (MySQL) PDO object // (Syntax: 'PDO([DSN], [UserName], [Password]') $db = new PDO($MySQLDSN, 'TestUser', 'TestPassword'); // What is your intended query? $sql = "update users set vcFirstName=?,vcLastName=?,vcUsername=? where intID_pk=?"; // Prepare the statement $query = $db->prepare($sql); // Execute the statement $query->execute(array($FirstName,$LastName,$Username,$id)); // Store any resulting errors $errorInfo = $db->errorInfo(); // If there were any errors, assign them to the error variables if (isset($errorInfo[2])){ $error = $errorInfo[2]; } } catch (PDOException $e) { // Catch any PDO exceptions $error = $e->getMessage(); } // Did an error occur during the above operation? if (isset($error)) { // Display the error echo $error; } else { // Indicate that all went well echo 'OK'; } ?>
I like the first syntax more than the second. There is less likelihood of making a dumb mistake.