-2

I am having trouble using this prepare and bind. I have tried the same thing with less variables to bind. I have been successful using prepare with just Fname, Lname, Password, $UserID and using sssi with the bind_param object. Can someone explain what I am doing wrong when using more variables in my bind code? With the code below it only prints out the same data from mysqli and doesn't update it.

if ($stmt = $con->prepare("UPDATE users SET Fname = ?, Lname = ?, Password = ?, UserLevel = ?, Email = ?, WHERE UserID= ?"))
{
    $stmt->bind_param("ssssssi", $firstname, $lastname, $PW, $UserLevel, $EM, $UserID);
    $stmt->execute();
    $stmt->close();
}
// show an error message if the query has an error
else
{
    echo "ERROR: could not prepare SQL statement.";
}

// redirect the user once the form is updated
header("Location: admin.php");
Jasper
  • 11,590
  • 6
  • 38
  • 55
alstonan25
  • 23
  • 8

1 Answers1

1

Although you haven't specified the data types which makes this tricky, I'll hazard a guess.

Fname = s

Lname = s

Password = s

UserLevel = i (?)

Email = s

I count 4 s' there, yet you have 6.

Try this,

 $stmt->bind_param("sssisi", $firstname, $lastname, $PW, $UserLevel, $EM, $UserID);

Edit 1

As @Fred-ii- said, your SQL query is wrong.

Change

"UPDATE users SET Fname = ?, Lname = ?, Password = ?, UserLevel = ?, Email = ?, WHERE UserID= ?"

to,

"UPDATE users SET Fname = ?, Lname = ?, Password = ?, UserLevel = ?, Email = ? WHERE UserID= ?"

You had a training ,.

Script47
  • 14,230
  • 4
  • 45
  • 66
  • You were right I misplaced a comma after directing where I wanted the changes to take place for that UserID the code is working now. Also, for placing the sssisi, is it necessary to place an i for every integer. – alstonan25 Aug 06 '15 at 13:24
  • @alstonan25 glad to help. – Script47 Aug 06 '15 at 13:25