Novice to Ninja Chapter 4: Inserting Data into the database

I’m following the examples in the book except that I’ve substituted different names for my db, etc.

My database name is films
The column I’m trying add data to is Title
I named the folder in htdocs addfilm
instead of jokes.html.php I have a flle named films.html.php and I substituted $films and $title in this line: <?php foreach ($films as $title): ?> though netbeans indicates that the variable $films seems to be uninitilized (not sure what that means)
in the form.html.php file I substituted titletext for joketext
Here’s part of the code for my index.php file:

if (isset($_GET['addfilm']))
{
  include 'form.html.php';
  exit();
}

try
{
  $pdo = new PDO('mysql:host=localhost;dbname=films', 'films', '*****');
  $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
  $pdo->exec('SET NAMES "utf8"');
}
catch (PDOException $e)
{
  $error = 'Unable to connect to the database server.';
  include 'error.html.php';
  exit();
}

if (isset($_POST['Title']))
{
  try
  {
    $sql = 'INSERT INTO films SET
        titletext = :titletext,
        titledate = CURDATE()';
    $s = $pdo->prepare($sql);
    $s->bindValue(':titletext', $_POST['titletext']);
    $s->execute();
  }
  catch (PDOException $e)
  {
    $error = 'Error adding submitted title: ' . $e->getMessage();
    include 'error.html.php';
    exit();
  }

  header('Location: .');
  exit();
}

try
{
  $sql = 'SELECT Title FROM films';
  $result = $pdo->query($sql);
}
catch (PDOException $e)
{
  $error = 'Error fetching films: ' . $e->getMessage();
  include 'error.html.php';
  exit();
}

while ($row = $result->fetch())
{
  $films[] = $row['Title'];  // netbeans indicates that the variable $films seem to be uninitialized
}

include 'films.html.php';

When I load this into my browser I don’t get any error messages but when I try to add a title via the form it isn’t added to the database.


$films=array();
$films = $s->fetchAll();

You could use that instead of the while loop, it will grab the entire result set in one go

Thanks. Perhaps I entered the code incorrectly but now when I load the addfilm page I get this message:

Notice: Undefined variable: s in /Applications/MAMP/htdocs/addfilm/index.php on line 78
Fatal error: Call to a member function fetchAll() on a non-object in /Applications/MAMP/htdocs/addfilm/index.php on line 78

Here’s the end of the code after I pasted in your suggested code:

try
{
  $sql = 'SELECT Title FROM films';
  $result = $pdo->query($sql); // netbeans indicates that variable $result seems to be unused in its scope
}
catch (PDOException $e)
{
  $error = 'Error fetching films: ' . $e->getMessage();
  include 'error.html.php';
  exit();
}
{
$films=array();
$films = $s->fetchAll(); 
}
include 'films.html.php';

I’m pretty sure my error has to do with the $films variable. In the book it’s $jokes and I assumed that jokes in that variable is the name of the database.

Should have been


$result->fetchAll();

not $s->fetchAll();

Thanks but now I’m getting this error message when I load the page: Warning: htmlspecialchars() expects parameter 1 to be string, array given in /Applications/MAMP/htdocs/addfilm/films.html.php on line 12

Here is the code from line 12:

<?php foreach ($films as $title): ?>

Here’s the code for films.html.php:

<!DOCTYPE html>
<html lang="en">
  <head>
    <meta charset="utf-8">
    <title>List of Films</title>
  </head>
  <body>
    <p><a href="?addfilm">Add Film Title</a></p>
    <p>Here are all the films in the database:</p>
    <?php foreach ($films as $title): ?>
      <blockquote>
        <p><?php echo htmlspecialchars($title, ENT_QUOTES, 'UTF-8'); ?></p>
      </blockquote>
    <?php endforeach; ?>
  </body>
</html>

Well, I figured this out on my own. Here’s an excerpt of the correct code for the index.php file:

if (isset($_POST['titletext'])) // I had 'Title' here before instead of 'titletext' which represents the text entered in the add film text box
{
  try
  {
    $sql = 'INSERT INTO films SET
        Title = :titletext'; // formerly I had titletext instead of Title - didn't realize that the first field is the name of a column in my table
        titledate = CURDATE()'; // I deleted this line as I don't have a column titledate in my table
    $s = $pdo->prepare($sql);
    $s->bindValue(':titletext', $_POST['titletext']);
    $s->execute();

Then at the bottom I changed this:

while ($row = $result->fetch())
{
  $films[] = $row['Title'];  // $films should have been $titles. I thought that films in $films stood for the name of my database but I guess it's the name of the variable set in films.html.php (see below)
}

Excerpt from films.html.php:

<?php foreach ($titles as $film): ?>
      <blockquote>
        <p><?php echo htmlspecialchars($film, ENT_QUOTES, 'UTF-8'); ?></p>
      </blockquote>
    <?php endforeach; ?>

Would appreciate any comments that would help clarify this further for me.