I use pdo and mysql and I already know how to add a column to an existing table, but when I try it with value from an input field, the name of the variable $.... is being added as column.
The code I have to add the value from the input field as column, is as followed:
public function insertAlterTable($colName)
{
$this->pdo = $this->connectMySql();
$query = 'ALTER TABLE nbs_events ADD $colName CHAR(5) NULL DEFAULT "nee"';
$stmt = $this->pdo->prepare($query);
if(!$stmt->execute()){
return false;
}
$this->pdo = null;
return true;
}
This code is wrapped inside a try catch block.
And also inside a class.
At the frontpage I use this code like:
insertAlterTable($_POST['colname']);
How can I add the value from the input field colname
as column to the existing table.
Please help.
I've updated the code as followed, so it works for me:
public function insertAlterTable($colName)
{
$colName = mysql_real_escape_string($colName);
$this->pdo = $this->connectMySql();
$query = "ALTER TABLE nbs_events ADD $colName CHAR(5) NULL DEFAULT \"nee\"";
$stmt = $this->pdo->prepare($query);
if(!$stmt->execute()){
return false;
}
$this->pdo = null;
return true;
}