I want to update price on invoice with this PHP code (the config file is included, more SQL statements are executed above this):
JavaScript
x
<?php$finalprice = getInvoicePrice($code);$codeErr = "";$discount = ""; if ($_SERVER["REQUEST_METHOD"] == "POST") { if (empty($_POST["discount"])) { $codeErr = "Code can not be blank."; }else { $discount = test_input($_POST["discount"]); if ($discount == "FIVE" ) { $codeErr = "OK"; $price = getInvoicePrice($code); $percentage = 100; $percentage = 100 - 5; $finalprice = $percentage / 100 * $price; $SQLChangePrice = $odb->prepare("UPDATE `invoices2` SET `price` = :price WHERE `code` = `:code`"); $SQLChangePrice->execute(array( ":price" => $finalprice, ":code" => $code )); }else { $codeErr = "wrong code"; $price = getInvoicePrice($code); $finalprice = $price; } } } function test_input($data) { $data = trim($data); $data = stripslashes($data); $data = htmlspecialchars($data); return $data; } ?>full code (html form):
JavaScript
<form method = "post" onsubmit="return submitDiscount();"> <table> <tr> <td>code:</td> <td><input type = "text" name = "discount"> <span class = "error"><?php echo $codeErr;?></span> </td> </tr> <td> <input type = "submit" name = "submit" value = "Submit"> </td> </table> </form>Whole script and things around are working, but the MYSQL exec. isnt working for some reasons (no errors at all)
Advertisement
Answer
This:
JavaScript
UPDATE `invoices2` SET `price` = :price WHERE `code` = `:code`should be:
JavaScript
UPDATE `invoices2` SET `price` = :price WHERE `code` = :codeDon’t put parameter placeholders inside any kind of SQL quote (that is, not single-quotes, double-quotes, or back-quotes).
I also notice you did not set any value for the PHP variable $code.