
Inserting data in different tables

I’m trying to add data to different tables in MySQL, but when I run my code it shows me an error: “Fatal error: Uncaught Error: Call to a member function query()”. This is the first time that I have used the query function, so I don’t know what’s going wrong.

     <?php  
// Form handler: reads the logged-in user's id from the session and the
// name / company / password fields from the POST body, hashes the password,
// and, if a user row with that id exists, runs a series of UPDATE/INSERT
// statements against the user, rel_company_user and company tables before
// redirecting to the dashboard.
//
// NOTE(review): every SQL string below is built by interpolating PHP
// variables into the query text. Calling prepare() on a string that already
// contains the values gives no protection: $name and $company come straight
// from $_POST, so this is open to SQL injection. Use placeholders and bound
// values instead.
session_start();

// This expression statement has no effect; the value is read on the next line.
$_SESSION['ID_user'];
$id = $_SESSION['ID_user'];
$name = $_POST['name'];
$company = $_POST['company'];
$password = $_POST['password'];
// The password is hashed here, before the emptiness check below, so
// $password holds a hash (never "") by the time it is compared.
$password = password_hash($password, PASSWORD_DEFAULT); 


    // Uses &&, so the early return only happens when all three values are
    // empty at once; because $password is already a hash, that cannot occur.
    if($name == "" && $password == "" && $company == "" ){
        return false;
    }
    else {
    // conectar.php is expected to define $conn (not shown here).
    require './conectar.php';
    // $id is interpolated into the SQL text; no placeholder is used.
    $resultset = $conn->prepare("SELECT * FROM user WHERE ID_user = '$id' LIMIT 1");
    $resultset->execute();
    $resultkey = $resultset->fetch();

    // Only continue when a user row with this id was found.
    if($resultkey !== false) {

        // $name, $password and $id are interpolated into the SQL text.
        $update = "UPDATE user SET Name_user='$name', password='$password' WHERE ID_user = '$id' LIMIT 1";
        $up = $conn->prepare($update);
        // The query above contains no :name placeholder, so there is nothing
        // to bind to; the third argument is expected to be a parameter data
        // type, not a filter constant.
        $up->bindParam(':name', $_POST['name'], FILTER_SANITIZE_SPECIAL_CHARS);
        $up->execute();
        // An UPDATE produces no result set, so there is no row to fetch here
        // and $result['name'] below does not hold the user's name.
        $result = $up->fetch();
        $_SESSION['Name_user'] = $result['name'];

        // No INSERT has been executed in this script before this point.
        // NOTE(review): fetch() presumably returns a row (array), not a
        // scalar id, and $lastid is later interpolated as a string — confirm.
        $lastid = $conn->query("SELECT last_insert_id()")->fetch();

        $insert = "INSERT INTO rel_company_user (ID_user)  VALUES ('$id')";
        $in = $conn->prepare($insert);
        $in->execute();


        // $company comes from $_POST and is interpolated into the SQL text.
        $insert = "INSERT INTO company (Name_company) VALUES ('$company')";
        $in = $conn->prepare($insert);
        $in->execute();


        // $lastid was read before the company INSERT above, so it cannot be
        // the id of the company row that was just created.
        $update = "UPDATE rel_company_user SET ID_company='$lastid' WHERE ID_user = '$id' LIMIT 1";
        $up = $conn->prepare($update);
        $up->execute();

    }

}

// Reached whenever the early return above was not taken, whether or not the
// user row was found.
header('Location: http://seth.com/dashboard?ftime=1');


/* Request the id and update it */


?>


Answer

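  1. You should use parameters in all your queries: interpolating $_POST values directly into the SQL string leaves the query open to SQL injection, and calling prepare() on an already-interpolated string does not change that. And you can’t use bindParam() if you didn’t put a placeholder in the query.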
  2. FILTER_SANITIZE_SPECIAL_CHARS is not a valid argument to bindParam(). The third argument is an optional data type.
  3. You never set $thelast anywhere, that should be $conn.
  4. If $id is already assigned, you can’t use LAST_INSERT_ID() to get ID_user. Just insert that value into the user table.
  5. You don’t need to perform a query to get the last insert ID. Just use LAST_INSERT_ID() in the VALUES list of the next INSERT query.
  6. You can’t fetch the results of an UPDATE query.
  7. You can’t get the last insert ID if you haven’t done an insert. The UPDATE user query should be INSERT INTO user.
  8. In several places you assigned the SQL to $insert, but then did $conn->prepare($update).
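<?php
// Form handler: stores the submitted name, company and password for the
// logged-in user, links the user to the newly created company, then redirects
// to the dashboard. All values reach the database through bound parameters,
// never through string interpolation.
session_start();

// The account to write to comes from the server-side session, never from the
// request, so the client cannot choose which user row is touched.
$id = $_SESSION['ID_user'] ?? null;

// Raw form fields; `?? ''` avoids an undefined-index warning when one is absent.
$name = $_POST['name'] ?? '';
$company = $_POST['company'] ?? '';
$rawPassword = $_POST['password'] ?? '';

// Validate BEFORE hashing: password_hash('') still returns a non-empty hash,
// so a check made on the hashed value can never detect an empty password.
// Every field is required, so the request is rejected as soon as any one of
// them is empty. is_string() also rejects array-valued fields (name[]=x),
// which would otherwise reach password_hash() and the bound parameters.
if (
    !is_string($name) || $name === ''
    || !is_string($company) || $company === ''
    || !is_string($rawPassword) || $rawPassword === ''
) {
    return false;
}

$password = password_hash($rawPassword, PASSWORD_DEFAULT);

// conectar.php is expected to define $conn; it is used below through the
// prepare()/execute()/fetch() statement API with named placeholders.
require './conectar.php';

// Without a session user id there is nothing to look up, so skip the database
// work entirely and fall through to the redirect.
if ($id !== null) {
    $resultset = $conn->prepare('SELECT * FROM user WHERE ID_user = :id LIMIT 1');
    $resultset->execute([':id' => $id]);
    $resultkey = $resultset->fetch();

    if ($resultkey !== false) {
        // NOTE(review): the statements below are independent writes with no
        // transaction around them; if one fails, the earlier ones stay
        // committed. Consider beginTransaction()/commit() on $conn.

        // NOTE(review): this branch runs only when a row with this ID_user
        // already exists, yet it inserts a row with the same ID_user. If
        // ID_user is a unique key this will fail — confirm whether an UPDATE
        // is what is wanted here.
        $up = $conn->prepare(
            'INSERT INTO user (ID_user, Name_user, password) VALUES (:id, :name, :password)'
        );
        $up->execute([':id' => $id, ':name' => $name, ':password' => $password]);

        // An INSERT returns no rows, so nothing is fetched from it; the
        // session name is taken from the validated input. It is stored
        // unescaped: apply htmlspecialchars() wherever it is rendered.
        $_SESSION['Name_user'] = $name;

        // NOTE(review): this creates a rel_company_user row without a company
        // id, and the last statement below inserts another row with both ids.
        // One of the two is probably redundant — confirm against the schema.
        $in = $conn->prepare('INSERT INTO rel_company_user (ID_user)  VALUES (:id)');
        $in->execute([':id' => $id]);

        $in = $conn->prepare('INSERT INTO company (Name_company) VALUES (:company)');
        $in->execute([':company' => $company]);

        // LAST_INSERT_ID() is evaluated by MySQL on this connection, so it
        // refers to the company row inserted immediately above. No other
        // INSERT may be placed between these two statements.
        $up = $conn->prepare(
            'INSERT INTO rel_company_user (ID_company, ID_user) VALUES (LAST_INSERT_ID(), :id)'
        );
        $up->execute([':id' => $id]);
    }
}

header('Location: http://seth.com/dashboard?ftime=1');

/* Request the id and update it */
?>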
User contributions licensed under: CC BY-SA