0

When i run the following script. The row is inserted twice ( the query runs twice ) .

require_once $_SERVER['DOCUMENT_ROOT'].'/functions/sanitize.php';
require_once $_SERVER['DOCUMENT_ROOT'].'/main/config.php';

$response    =   textsanitize($_POST['r']);
$ticket      =   idssanitize($_POST['t']);

$stmt = $condb->prepare("INSERT INTO ticket_reponses (ticket_id,user_id,time,response) VALUES (:ticket_id,:user_id,:time,:response)");
$stmt->execute(
array(
"ticket_id" => $ticket,
"user_id" => $_SESSION['user_id'],
"time" => time(),
"response" => $response
)
);
if($stmt->execute()){
   echo "SUCCESS";
}

When i remove if($stmt->execute()){echo "SUCCESSS";}. It runs in the right way. The row inserted once.

Why does if($stmt->execute()) execute the query again ? I thought that if($stmt->execute()) only returns TRUE || FALSE. I want to ensure that the query was executed successfully.

Improve this question
2
  • 3
    “Why does if($stmt->execute()) execute the query again ?” - because that’s plain and simple what this method does, it executes the statement. You called this method twice, so it performs its job twice. Surprise. Catch the result of the first call in a variable, and then use that variable in your if condition. Commented Nov 23, 2018 at 9:27
  • 1
    You need to put your if() around the first (and only) $stmt->execute() with all of the parameters you want to use. Commented Nov 23, 2018 at 9:28

3 Answers 3

Reset to default
1

One of the good uses of prepared statements in any language is that you can prepare it once and then execute it as many times as needed.

So in your case you execute() the statement twice, but it's possible that you could insert a whole bunch of data with the same prepared statement in a loop. Each time you call execute() you can just pass a new set of values to run the prepared statement. In your case it is an INSERT, so this is run twice.

In your case you probably just need...

$stmt = $condb->prepare("INSERT INTO ticket_reponses (ticket_id,user_id,time,response) VALUES (:ticket_id,:user_id,:time,:response)");

if($stmt->execute(array(
                  "ticket_id" => $ticket,
                  "user_id" => $_SESSION['user_id'],
                  "time" => time(),
                  "response" => $response)))    {
   echo "SUCCESS";
}
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

It is because it is calling the $stmt->execute() function twice. Once before the if statement and once as the condition in the if statement. So, you need to remove one instance of it.

I believe that you need to check if the statement has executed correctly (hence the if). So, the code can be like...

require_once $_SERVER['DOCUMENT_ROOT'].'/functions/sanitize.php';
require_once $_SERVER['DOCUMENT_ROOT'].'/main/config.php';

$response    =   textsanitize($_POST['r']);
$ticket      =   idssanitize($_POST['t']);

$stmt = $condb->prepare("INSERT INTO ticket_reponses  (ticket_id,user_id,time,response) VALUES (:ticket_id,:user_id,:time,:response)");
$values = array(
    "ticket_id" => $ticket,
    "user_id" => $_SESSION['user_id'],
    "time" => time(),
    "response" => $response
);
if($stmt->execute($values)){
    echo "SUCCESS";
}
Improve this answer

Comments

1

You are executing $stmt->execute() twice, so it's simply inserting two rows. no rocket science here.

if you want to check if the query ran successfully or not do it in the first statement itself.

require_once $_SERVER['DOCUMENT_ROOT'].'/functions/sanitize.php';
require_once $_SERVER['DOCUMENT_ROOT'].'/main/config.php';

$response    =   textsanitize($_POST['r']);
$ticket      =   idssanitize($_POST['t']);

$stmt = $condb->prepare("INSERT INTO ticket_reponses (ticket_id,user_id,time,response) VALUES (:ticket_id,:user_id,:time,:response)");
$isSuccessful = $stmt->execute(
array(
"ticket_id" => $ticket,
"user_id" => $_SESSION['user_id'],
"time" => time(),
"response" => $response
)
);
if($isSuccessful){
   echo "SUCCESS";
}
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.