Im trying to add data to diferent tables in MySQL, but at the moment of run my code, it shows me a error is it “Fatal error: Uncaught Error: Call to a member function query()”, is the firs time that y use the query function so I don’t know whats going wrong.
<?php session_start(); $_SESSION['ID_user']; $id = $_SESSION['ID_user']; $name = $_POST['name']; $company = $_POST['company']; $password = $_POST['password']; $password = password_hash($password, PASSWORD_DEFAULT); if($name == "" && $password == "" && $company == "" ){ return false; } else { require './conectar.php'; $resultset = $conn->prepare("SELECT * FROM user WHERE ID_user = '$id' LIMIT 1"); $resultset->execute(); $resultkey = $resultset->fetch(); if($resultkey !== false) { $update = "UPDATE user SET Name_user='$name', password='$password' WHERE ID_user = '$id' LIMIT 1"; $up = $conn->prepare($update); $up->bindParam(':name', $_POST['name'], FILTER_SANITIZE_SPECIAL_CHARS); $up->execute(); $result = $up->fetch(); $_SESSION['Name_user'] = $result['name']; $lastid = $conn->query("SELECT last_insert_id()")->fetch(); $insert = "INSERT INTO rel_company_user (ID_user) VALUES ('$id')"; $in = $conn->prepare($insert); $in->execute(); $insert = "INSERT INTO company (Name_company) VALUES ('$company')"; $in = $conn->prepare($insert); $in->execute(); $update = "UPDATE rel_company_user SET ID_company='$lastid' WHERE ID_user = '$id' LIMIT 1"; $up = $conn->prepare($update); $up->execute(); } } header('Location: http://seth.com/dashboard?ftime=1'); /* Pedir el id y actualizarlo */ ?>
Advertisement
Answer
- You should use parameters in all your queries. And you can’t use
bindParam()
if you didn’t put a placeholder in the query. - FILTER_SANITIZE_SPECIAL_CHARS is not a valid argument to
bindParam()
. The third argument is an optional data type. - You never set
$thelast
anywhere, that should be$conn
. - If
$id
is already assigned, you can’t useLAST_INSERT_ID()
to getID_user
. Just insert that value into theuser
table. - You don’t need to perform a query to get the last insert ID. Just use
LAST_INSERT_ID()
in theVALUES
list of the nextINSERT
query. - You can’t fetch the results of an
UPDATE
query. - You can’t get the last insert ID if you haven’t done an insert. The
UPDATE user
query should beINSERT INTO user
. - In several places you assigned the SQL to
$insert
, but then did$conn->prepare($update)
.
<?php session_start(); $id = $_SESSION['ID_user']; $name = $_POST['name']; $company = $_POST['company']; $password = $_POST['password']; $password = password_hash($password, PASSWORD_DEFAULT); if($name == "" && $password == "" && $company == "" ){ return false; } else { require './conectar.php'; $resultset = $conn->prepare("SELECT * FROM user WHERE ID_user = :id LIMIT 1"); $resultset->bindParam(':id', $id); $resultset->execute(); $resultkey = $resultset->fetch(); if($resultkey !== false) { $update = "INSERT INTO user (ID_user, Name_user, password) VALUES (:id, :name, :password)"; $up = $conn->prepare($update); $up->bindParam(':id', $id); $up->bindParam(':name', $name); $up->bindParam(':password', $password); $up->execute(); $result = $up->fetch(); $_SESSION['Name_user'] = $name; $insert = "INSERT INTO rel_company_user (ID_user) VALUES (:id)"; $in = $conn->prepare($insert); $in->bindParam(':id', $id); $in->execute(); $insert = "INSERT INTO company (Name_company) VALUES (:company)"; $in = $conn->prepare($insert); $in->bindParam(':company', $company); $in->execute(); $update = "INSERT INTO rel_company_user (ID_company, ID_user) VALUES (LAST_INSERT_ID(), :id)"; $up = $conn->prepare($update); $up->bindParam(':id', $id); $up->execute(); } } header('Location: http://seth.com/dashboard?ftime=1'); /* Pedir el id y actualizarlo */ ?>