PHP/MYSQL novice to ninja page 200 challenge issue

ellypho · July 6, 2012, 10:44pm

I’ve been learning php/mySQL thru a manual by sitepoint and have run into a problem trying to complete a challenge in the book.

They’ve asked me to create a delete confirmation screen for a db of jokes. I’d like to list the the name of the author to be deleted and all of his/her jokes. I believe the bindValue command is causing me issues…
Any insight as to what my be wrong in this code would be great help. Cheers!


<?php

        include $_SERVER['DOCUMENT_ROOT'] . '/phpbed/includes/dbconnect.php';
        echo 'test3<br>';
        echo 'id ' . $_POST['id'] . '<br>';
        echo $_POST['id'];
        $sql = 'SELECT joketext FROM joke WHERE authorid = :id';
        $sql->bindValue(':id', $_POST['id']);
        $result = $pdo->query($sql);
        echo "test4";
        while ($row = $result->fetch())
        {
            $joke[] = $row['joketext'];
        }
        echo 'test5';
        ?>
        <div>
        including all of this authors jokes?
        </div>
            <?php foreach ($joke as $bleh): ?>

        <blockquote>
            <p><?php echo $bleh; ?> </p>
        </blockquote>

        <?php endforeach; ?>

Please note that i’ve plopped a bunch of test echoes and i can’t seem to get past test4.

Thanks guys!

cpradio · July 6, 2012, 11:29pm

Yep, it is quite simple actually, and you are really close.

But you are using the $sql variable as if it were the $pdo variable.

You need to change your $sql = ‘SELECT joketext FROM joke WHERE authorid = :id’'; to:

$sql = $pdo->prepare('SELECT joketext FROM joke WHERE authorid = :id');

ellypho · July 7, 2012, 3:58am

Unfortunately that didn’t do the trick…
Here’s the printed result
"
Confirm author deletion

Are you sure you would like to delete the following?
Author Id = 2
Author name = Joan Smith.
test3
id 2
test4
"

and the new code

<?php include $_SERVER['DOCUMENT_ROOT'] . '/phpbed/includes/dbconnect.php'; ?>
<!DOCTYPE html>
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title>Are you sure?</title>
    </head>
    <body>
        <h1>Confirm author deletion</h1>
        <div>
            Are you sure you would like to delete the following?  
        </div>
        <div>
            Author Id =         
        <?php echo $authorid;?>
        </div>
        <div>
            <?php echo "Author name = " . $authorname ."."; ?>
        </div>
        <?php
       
        include $_SERVER['DOCUMENT_ROOT'] . '/phpbed/includes/dbconnect.php';
        
        echo 'test3<br>';
        echo 'id ' . $_POST['id'] . '<br>';
        
        $sql = $pdo->prepare('SELECT joketext FROM joke WHERE authorid = :id');
        $sql->bindValue(':id', $_POST['id']);
        $result = $pdo->query($sql); 
        
        echo 'test4';
        
        while ($row = $result->fetch())
        {
            $joke[] = $row['joketext'];
        }
        echo 'test5';
        ?>
        <div>
        including all of this authors jokes?
        </div>
            <?php foreach ($joke as $bleh): ?>
        
        <blockquote>
            <p><?php echo $bleh; ?> </p>
        </blockquote>
        
        <?php endforeach; ?>
    </body>
</html>

However if I simply declare the authored without doing a prepare() it works

$sql = ('SELECT joketext FROM joke WHERE authorid = 1');
        
        $result = $pdo->query($sql);

Edit: Thanks in advanced!

cpradio · July 7, 2012, 4:09am

Try changing $result = $pdo->query($sql); to $result = $pdo->execute();

ellypho · July 7, 2012, 4:15am

God you’re fast! I just want to give you a hug!
But it didn’t work…

$sql = $pdo->prepare('SELECT joketext FROM joke WHERE authorid = :id');
        $sql->bindValue(':id', $_POST['id']);
        $result = $pdo->execute();

I also tried putting $sql into the execute().

cpradio · July 7, 2012, 4:33am

My bad, I had a typo. Instead of $pdo->execute(); it should have read $sql->execute();

ellypho · July 7, 2012, 4:40am

We’re really close, only now I don’t get past test4…

echo 'test3<br>';
        echo 'id ' . $_POST['id'] . '<br>';
        
        $sql = $pdo->prepare('SELECT joketext FROM joke WHERE authorid = :id');
        $sql->bindValue(':id', $_POST['id']);
        $result = $sql->execute(); 
        
        echo 'test4';
        
        while ($row = $result->fetch())
        {
            $joke[] = $row['joketext'];
        }
        echo 'test5';

Thanks again!

ellypho · July 7, 2012, 4:41am

I get the impression that execute isn’t passing anything into $result…

cpradio · July 7, 2012, 4:45am

Sorry, learning the entire PDO bit myself, try this:

echo 'test3<br>';
        echo 'id ' . $_POST['id'] . '<br>';
        
        $sql = $pdo->prepare('SELECT joketext FROM joke WHERE authorid = :id');
        $sql->bindValue(':id', $_POST['id']);
        $sql->execute(); 
        
        echo 'test4';
        
        while ($row = $sql->fetch())
        {
            $joke[] = $row['joketext'];
        }
        echo 'test5';

ellypho · July 7, 2012, 5:23pm

Yes! It worked!

I wonder why we can’t use the ‘=’ to pass on to the execute().

Thank you so much!

cpradio · July 7, 2012, 5:24pm

Likely because it is an object/class reference. So the result is self contained in the class and you can then use the fetch() method to gain access to the result set