The function below is what I wrote to insert form data dynamically into db using PDO, it grabs form name and value attr to populate cols and bindValues in PDO insert statement. The problem I have now is this :
I want to hash the password before inserting and also insert time and date at the same time.
public function reg_user($data) {
if($_SERVER['REQUEST_METHOD'] == 'POST'){
$dataDB = array();
foreach ($_POST as $k => $v) {
if (in_array($k,$this->valid_keys)) {
$dataDB[$k] = $v;
}
}
$this->cols = '`'.implode('`, `', array_keys($dataDB)).'`' ;
$this->values = ':' . implode(", :", array_keys($dataDB));
$db = new db;
try{
$stmt = $db->dbh->prepare ("INSERT INTO $this->table ($this->cols ) VALUES ($this->values)");
foreach ($dataDB as $k => $v) {
$stmt -> bindValue(':'.$k, $v);
}
$stmt->execute();
} catch (PDOException $e) {
$error = new Errors();
echo "<b>".$error->displayError($e)."</b>";
}
}
}
I modified the foreach loop in to this
foreach ($_POST as $k => $v) {
if (in_array($k,$this->valid_keys)) {
if($k == 'password'){
$v = password_hash($v , PASSWORD_DEFAULT);
}
$dataDB[$k] = $v;
}
}
but I still get plain password inserted into the database.