PHP: Using PDO to insert and update data

Previously, we looked at how to read data from a MySQL database, using PDO.  So, how do you add records and update them?

Let’s start with how to add a record

<?php

	// What are we inserting into the database table?
	$FirstName = 'Steve';
	$LastName = 'Ollinger';
	$Username = 'sollinger';

	// Create a DSN for MySQL 
        // (Syntax: 'mysql:host=[server];dbname=[database]')
	$MySQLDSN = 'mysql:host=localhost;dbname=TestDatabase';

	try {
		// Create a new (MySQL) PDO object 
                // (Syntax: 'PDO([DSN], [UserName], [Password]')
		$db = new PDO($MySQLDSN, 'TestUser', 'TestPassword');
		// What is your intended query?
		$sql = 'insert into users 
                        (vcFirstName,vcLastName,vcUsername) 
                        values (:FirstName,:LastName,:Username)';
		// Prepare the statement
		$query = $db->prepare($sql);
		// Execute the statement
		$query->execute(array(':FirstName'=>$FirstName, ':LastName'=>$LastName, ':Username'=>$Username));

		// Store any resulting errors
		$errorInfo = $db->errorInfo();
		// If there were any errors, assign them to the error variables
		if (isset($errorInfo[2])){
			$error = $errorInfo[2];
		}

	} catch (PDOException $e) {
		// Catch any PDO exceptions
		$error = $e->getMessage();
	}

	// Did an error occur during the above operation?
	if (isset($error)) {
		// Display the error
		echo $error;
	} else {
		// Indicate that all went well
		echo 'OK';
	}

?>

As you can see, above, it looks very similar to our demo for ‘Using PDO to query a database’.  There are a few new things, though.  We are using prepare() to get a statement object.  We then use execute() to execute the prepared statement.

So, now that we have added a new record, how do we update a preexisting record?  As you would expect, you can use the same syntax as above but let’s check out an alternate syntax.

<?php
	
	// What is the new data for Steve's record?
	$FirstName = 'Steven';
	$LastName = 'Ollinger';
	$Username = 'ollinger';
	// What record are we updating?
	$id = 6;

	// Create a DSN for MySQL 
	// (Syntax: 'mysql:host=[server];dbname=[database]')
	$MySQLDSN = 'mysql:host=localhost;dbname=TestDatabase';

	try {
		// Create a new (MySQL) PDO object 
		// (Syntax: 'PDO([DSN], [UserName], [Password]')
		$db = new PDO($MySQLDSN, 'TestUser', 'TestPassword');
		// What is your intended query?
		$sql = "update users set vcFirstName=?,vcLastName=?,vcUsername=? where intID_pk=?";
		// Prepare the statement
		$query = $db->prepare($sql);
		// Execute the statement
		$query->execute(array($FirstName,$LastName,$Username,$id));

		// Store any resulting errors
		$errorInfo = $db->errorInfo();
		// If there were any errors, assign them to the error variables
		if (isset($errorInfo[2])){
			$error = $errorInfo[2];
		}

	} catch (PDOException $e) {
		// Catch any PDO exceptions
		$error = $e->getMessage();
	}

	// Did an error occur during the above operation?
	if (isset($error)) {
		// Display the error
		echo $error;
	} else {
		// Indicate that all went well
		echo 'OK';
	}

?>

I like the first syntax more than the second.  There is less likelihood of making a dumb mistake.

Leave a Reply

Your email address will not be published.