I'm in the process of procedurally making a PDO statement, so far i've got
$sql = "UPDATE users SET ";
$values_array = array();
foreach($non_empty_fields as $key => $value){
$sql .= $key;
$sql .= " = :".$key.", ";
$values_array[':'.$key] = $value;
}
$sql = substr($sql, 0, -2);
$sql .= " WHERE id = :id";
$values_array[':id'] = $user_id;
$sth = $this->conn->prepare($sql);
print_r($non_empty_fields);
print_r($values_array);
echo($sql);
$sth -> execute($values_array);
$num_affected_rows = $sth -> affected_rows;
$sth -> close();
and when i run it, i get
Array
(
[gender] => female
[device_id] => 1213423489ydasxas98y76
)
Array
(
[:gender] => female
[:device_id] => 1213423489ydasxas98y76
[:id] => 35
)
UPDATE users SET gender = :gender, device_id = :device_id WHERE id = :id<br />
<b>Fatal error</b>: Call to a member function execute() on a non-object in <b>/Sites/api/include/DbHandler.php</b> on line <b>280</b><br />
I suspect its because I'm not setting the prepared statement properly, so my question is: how do you make a prepared statement from a string?
UPDATE:
call_user_func so the code now looks like:
$sql = "UPDATE users SET ";
$values_array = array();
foreach($non_empty_fields as $key => $value){
$sql .= $key;
$sql .= " = ?, ";
$values_array[] = &$value;
}
$sql = substr($sql, 0, -2);
$sql .= " WHERE id = ?";
$values_array[] = &$user_id;
$sth = $this->conn->prepare($sql);
$params = array_merge(array(str_repeat('s', count($values_array))), array_values($values_array));
call_user_func_array(array(&$sth, 'bind_param'), $params);
$sth -> execute();
now the error I'm getting isn't represented, pdo just doesn't update the table.