I’m learning PHP and have gotten stuck. I’m making a signup/login system that follows these steps:
- To sign up, a new user enters a display name, email and password.
- Upon submission of that form, a PHP script runs a prepared statement, an INSERT statement, making a new entry in the users table.
- The script then passes the value of $email as POST data to the next page where the new user makes a couple of choices. While the new user’s account has just been created, these two choices are perceived as part of the signup process. The two choices correspond to two integers that are passed to the next file as POST data integer_1 and integer_2. The email address is also passed to the next file as POST data.
- The PHP file below is supposed to assign POST data email, integer_1 and integer_2 to the variables $email, $integer_1 and $integer_2, then run a prepared statement process that updates the users table, setting columns integer_1 and integer_2 to their variable values where the email column matches $email.
I cannot get the PHP file below to affect/update any row in the database. I’m not getting any errors.
<?php
if (isset($_POST['signup_submit'])) {
require 'database_connection.inc.php';
$email = $_POST['email'];
$integer_1 = $_POST['integer_1'];
$integer_2 = $_POST['integer_2'];
$sql = "UPDATE users SET integer_1=? AND integer_2=? WHERE email=?";
$stmt = mysqli_stmt_init($conn);
if (!mysqli_stmt_prepare($stmt, $sql)) {
header("Location: ../signup.php?error=sqlerror");
exit();
}
else {
mysqli_stmt_bind_param($stmt, "iis", $integer_1, $integer_2, $email);
mysqli_stmt_execute($stmt);
header("Location: ../login.php?initial_login");
exit();
}
mysqli_stmt_close($stmt);
mysqli_close($conn);
}
else {
header("Location: ../signup.php");
exit();
}
I have tried:
- commenting out the script and having the file just echo the values of $email, $integer_1 and $integer_2. This worked. The echoed values were what I expected them to be.
- putting a semi-colon after the final question mark of the SQL statement
- putting the SQL statement’s question marks in single quotes
- entering the SQL into MyAdmin. If I type the SQL statement directly into MyAdmin, replacing the question marks with the actual data, it still does not affect any rows. Once while trying this, I did get it to update the entry. I cannot remember the exact details of how the statement was written, but I know the difference that led to a successful update was adding single quotes around the email address. I then tried to make my prepared statement put single quotes around the email address, but nothing worked. I am now unable to get the same successful result when typing the UPDATE statement directly into MyAdmin.
Thank you for any help you might be able to give me.
New contributor
Jackson D is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.