PDO插入和更新查询到不同的表

Question

我有一个PDO SQL脚本，它使用户能够完成捕获带信息的表单。然后它将这些信息发布到我的数据库表中，名为'bands'。这工作正常。

同时，我希望脚本更新一个名为'users'的表，它有一个名为'num_bands'的列，如果用户创建多个band，则需要增加+1值。

我已经尝试了一些方法，但都没有工作。该脚本似乎能够完美地插入到“乐队”表中，但我无法更新“用户”表。这里是“register_band”脚本：

<?php 

// First we execute our common code to connection to the database and start the session 
require("common.php"); 

// At the top of the page we check to see whether the user is logged in or not 
if(empty($_SESSION['user'])) 
{ 
    // If they are not, we redirect them to the login page. 
    header("Location: ../index.php"); 

    // Remember that this die statement is absolutely critical. Without it, 
    // people can view your members-only content without logging in. 
    die("Redirecting to ../index.php"); 
} 

// This if statement checks to determine whether the registration form has been submitted 
// If it has, then the registration code is run, otherwise the form is displayed 
if(!empty($_POST)) 
{ 
    // Ensure that the user has entered a non-empty username 
    if(empty($_POST['username'])) 
    { 
     // Note that die() is generally a terrible way of handling user errors 
     // like this. It is much better to display the error with the form 
     // and allow the user to correct their mistake. However, that is an 
     // exercise for you to implement yourself. 
     die("Please enter a username."); 
    } 

    // An INSERT query is used to add new rows to a database table. 
    // Again, we are using special tokens (technically called parameters) to 
    // protect against SQL injection attacks. 
    $query = " 
     INSERT INTO bands (
        member_id, 
      username, 
      bandname, 
      bandhometown, 
      bandtype 

     ) VALUES (
        :member_id, 
      :username, 
      :bandname, 
      :bandhometown, 
      :bandtype 
     ) 
    "; 


    // Here we prepare our tokens for insertion into the SQL query. We do not 
    // store the original password; only the hashed version of it. We do store 
    // the salt (in its plaintext form; this is not a security risk). 
    $query_params = array(
      ':member_id' => $_POST['member_id'], 
     ':username' => $_POST['username'], 
     ':bandname' => $_POST['bandname'], 
     ':bandhometown' => $_POST['bandhometown'], 
     ':bandtype' => $_POST['bandtype'] 
    ); 

    try 
    { 
     // Execute the query to create the user 
     $stmt = $db->prepare($query); 
     $result = $stmt->execute($query_params); 
    } 


    catch(PDOException $ex) 
    { 
     // Note: On a production website, you should not output $ex->getMessage(). 
     // It may provide an attacker with helpful information about your code. 
     die("Failed to run query: " . $ex->getMessage()); 
    } 

$query2 = "UPDATE users 
      SET num_bands = num_bands + 1 
      WHERE id = :member_id"; 

$stmt2 = $db->prepare($query2); 

    // This redirects the user to the private page after they register 
    header("Location: ../gig_view.php"); 

    // Calling die or exit after performing a redirect using the header function 
    // is critical. The rest of your PHP script will continue to execute and 
    // will be sent to the user if you do not die or exit. 
    die("Redirecting to ../gig_view.php"); 
} 

?> 

我在非生产模式目前运行此，因此代码不是100％。我如何获得脚本来更新'用户'表？

Answer 1

$stmt->closeCursor(); 

$query2 = "UPDATE users 
      SET num_bands = num_bands + 1 
      WHERE id = :member_id"; 

$stmt2 = $db->prepare($query2); 

$params = array(':member_id' => $_POST['member_id']); 
$result = $stmt2->execute($params); 

您在这里的代码有详细记录，并解释了如何使用PDO语句，准备好的查询以及如何使用参数执行它们。

只要按照您对SELECT所做的相同模式操作，只有查询的字符串可以在此处更改。