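PDO insert and update queries to different tables
I have a PDO SQL script that lets a user complete a form that captures information. It then posts that information to a table in my database named 'bands'. This works fine.
At the same time, I want the script to update a table named 'users', which has a column named 'num_bands' that needs to be incremented by 1 if the user creates more than one band.
I have tried a few approaches, but none of them worked. The script seems to insert into the 'bands' table perfectly, but I cannot get it to update the 'users' table. Here is the 'register_band' script: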
<?php
// First we execute our common code to connect to the database and start the session
require("common.php");

// At the top of the page we check to see whether the user is logged in or not
if(empty($_SESSION['user']))
{
    // If they are not, we redirect them to the login page.
    header("Location: ../index.php");
    // Remember that this die statement is absolutely critical. Without it,
    // people can view your members-only content without logging in.
    die("Redirecting to ../index.php");
}

// This if statement checks to determine whether the registration form has been submitted
// If it has, then the registration code is run, otherwise the form is displayed
if(!empty($_POST))
{
    // Ensure that the user has entered a non-empty username
    if(empty($_POST['username']))
    {
        // Note that die() is generally a terrible way of handling user errors
        // like this. It is much better to display the error with the form
        // and allow the user to correct their mistake. However, that is an
        // exercise for you to implement yourself.
        die("Please enter a username.");
    }

    // An INSERT query is used to add new rows to a database table.
    // Again, we are using special tokens (technically called parameters) to
    // protect against SQL injection attacks.
    $query = "
        INSERT INTO bands (
            member_id,
            username,
            bandname,
            bandhometown,
            bandtype
        ) VALUES (
            :member_id,
            :username,
            :bandname,
            :bandhometown,
            :bandtype
        )
    ";

    // Here we bind the submitted form values to the tokens in the SQL query.
    $query_params = array(
        ':member_id' => $_POST['member_id'],
        ':username' => $_POST['username'],
        ':bandname' => $_POST['bandname'],
        ':bandhometown' => $_POST['bandhometown'],
        ':bandtype' => $_POST['bandtype']
    );

    try
    {
        // Execute the query to create the band
        $stmt = $db->prepare($query);
        $result = $stmt->execute($query_params);
    }
    catch(PDOException $ex)
    {
        // Note: On a production website, you should not output $ex->getMessage().
        // It may provide an attacker with helpful information about your code.
        die("Failed to run query: " . $ex->getMessage());
    }

    // Attempted update of the users table (the statement is only prepared here)
    $query2 = "UPDATE users
        SET num_bands = num_bands + 1
        WHERE id = :member_id";
    $stmt2 = $db->prepare($query2);

    // This redirects the user to the private page after they register
    header("Location: ../gig_view.php");
    // Calling die or exit after performing a redirect using the header function
    // is critical. The rest of your PHP script will continue to execute and
    // will be sent to the user if you do not die or exit.
    die("Redirecting to ../gig_view.php");
}
?>
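I am currently running this in non-production mode, so the code is not 100%. How do I get the script to update the 'users' table?
Show us your attempt at updating the 'users' table. – Sugar
I have updated the original code to show my attempt at the UPDATE statement. I am not an expert in PDO, so I admit it may be a poor attempt. –
Just to be sure, you didn't put it between the try {} catch () {}, as is the case here? – Sugar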
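
Added example, not part of the original thread: in the posted script the UPDATE is prepared but `execute()` is never called on `$stmt2`, so the counter never changes. The sketch below runs the INSERT and the UPDATE in one transaction so that either both apply or neither does. Assumptions: the `registerBand()` helper, the in-memory SQLite schema and the sample row are constructed for illustration, and the member id is passed in by the caller so it can come from the logged-in session rather than from `$_POST`.

```php
<?php
// Added example (not from the thread). Table layout and registerBand() are
// assumptions; an in-memory SQLite database stands in for the real one.
declare(strict_types=1);

function registerBand(PDO $db, int $memberId, array $form): int
{
    $insert = $db->prepare(
        'INSERT INTO bands (member_id, username, bandname, bandhometown, bandtype)
         VALUES (:member_id, :username, :bandname, :bandhometown, :bandtype)'
    );
    $update = $db->prepare('UPDATE users SET num_bands = num_bands + 1 WHERE id = :member_id');

    $db->beginTransaction();
    try {
        $insert->execute([
            ':member_id'    => $memberId,
            ':username'     => $form['username'],
            ':bandname'     => $form['bandname'],
            ':bandhometown' => $form['bandhometown'],
            ':bandtype'     => $form['bandtype'],
        ]);
        // prepare() only compiles the statement; execute() is what runs it.
        $update->execute([':member_id' => $memberId]);
        if ($update->rowCount() !== 1) {
            throw new RuntimeException('No users row matched the member id');
        }
        $db->commit();
    } catch (Throwable $e) {
        $db->rollBack(); // neither the band row nor the counter change survives
        throw $e;
    }
    $count = $db->prepare('SELECT num_bands FROM users WHERE id = :id');
    $count->execute([':id' => $memberId]);
    return (int) $count->fetchColumn();
}

// Constructed sample schema and data.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, num_bands INTEGER NOT NULL DEFAULT 0)');
$db->exec('CREATE TABLE bands (id INTEGER PRIMARY KEY, member_id INTEGER, username TEXT, bandname TEXT, bandhometown TEXT, bandtype TEXT)');
$db->exec("INSERT INTO users (id, username) VALUES (7, 'alice')");

$form = ['username' => 'alice', 'bandname' => 'The Examples', 'bandhometown' => 'Leeds', 'bandtype' => 'rock'];
$memberId = 7; // assumption: in a real page this comes from the session, not the form
echo registerBand($db, $memberId, $form), "\n";
```

Taking `member_id` from the submitted form, as the posted script does, lets any logged-in user create bands and bump the counter for another account; binding the id from server-side session state closes that gap.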