I'm having problems with my code here. I have a form where a user fills out some information and submits it to be added to the database. The form can be used to submit a new row or to edit an existing one. However, neither queries appear to be working and I cannot see why. Can anyone see any errors in my code here?
Also, I am aware I shouldn't be echoing my PDO exception's but I have done this temporarily for debugging purposes. But nothing is echoed. There don't appear to be any errors.
try {
$db = new PDO('mysql:host=x.x.x.x;dbname=xxx', "xxx", "xxx");
} catch (PDOException $ex) {
echo $ex->getMessage();
}
if (isset($_POST['title'])) {
try {
$stmt = $db->prepare("SELECT * FROM xxxxx WHERE Title = :title;");
$stmt->bindParam(':title', $_POST['title']);
$stmt->execute();
$rows = $stmt->fetchAll();
} catch (PDOException $ex) {
echo $ex->getMessage();
}
if (count($rows) > 0){
$result = $rows[0];
if($result['Author'] == $_SESSION['user_name']) {
try {
$stmt = $db->prepare("UPDATE xxxxx SET Title = :title, `Short Desc` = :short, Description = :desc, Location = :loc, Genre = :genre, Date = :date, lat = :lat, lng = :lng WHERE ID = :id and Author = :user LIMIT 1;");
$stmt->bindParam(':title', $_POST['title']);
$stmt->bindParam(':short', $_POST['shortdesc']);
$stmt->bindParam(':desc', $_POST['description']);
$stmt->bindParam(':loc', $_POST['location']);
$stmt->bindParam(':genre', $_POST['genre']);
$stmt->bindParam(':date', $_POST['date']);
$stmt->bindParam(':lat', $_POST['lat']);
$stmt->bindParam(':lng', $_POST['lng']);
$stmt->bindParam(':user', $_SESSION['user_name']);
$stmt->execute();
$err = "Your ad was successfully updated.";
} catch (PDOException $ex) {
echo $ex->getMessage();
}
} else {
$err = "An ad already exists with that title.";
}
} else {
try {
$stmt = $db->prepare("INSERT INTO xxxxx (`Title`, `Short Desc`, `Description`, `Location`, `Genre`, `Date`, `Author`, `lat`, `lng`) VALUES (:title,:short,:desc,:loc,:genre,:date,:user,:lat,:lng)");
$stmt->bindParam(':title', $_POST['title']);
$stmt->bindParam(':short', $_POST['shortdesc']);
$stmt->bindParam(':desc', $_POST['description']);
$stmt->bindParam(':loc', $_POST['location']);
$stmt->bindParam(':genre', $_POST['genre']);
$stmt->bindParam(':date', $_POST['date']);
$stmt->bindParam(':lat', $_POST['lat']);
$stmt->bindParam(':lng', $_POST['lng']);
$stmt->bindParam(':user', $_SESSION['user_name']);
$stmt->execute();
$err = "Your ad was successfully added to our database.";
} catch (PDOException $ex) {
echo $ex->getMessage();
}
}
}