I have two questions about Prepared Statements from the code below:

The purpose of the first $query is to determine if the authorization code 
supplied is both accurate and also live
- When the authorization code is generated it is given a time frame when it 
must be used in.  The columns `start_date` and  `end_date` are both DATETIME.  
This is why I am using NOW() to check the “shelf life”.

My question: Is there a better way to confirm the record was found than using:

if ( $row['authorization_code'] == $authorization_code ) {

In another way of executing a mySQL database query using PHP I can count the # 
rows the result brought with the command “mysql_numrows”.  I don’t know how to 
do this in Prepared Statements.  I wonder if comparing the # of rows found is a 
better method? or what other programmers are using?

How can I tell if the UPDATE $query executed successfully?  I am wanting to do 
something like: 

echo “Update Successful – No changes were required during this review”; 

if the UPDATE is successful --- otherwise I need to direct the user to try 
again with a different message:

echo “Update was unsuccessful – Follow this link to try again”;

I am still getting use to Prepared Statements, this is why I am asking these 
questions --- Thank you for helping me.  Ron



$dsh = 'mysql:host=localhost;dbname='.$database; 
$dbh = new PDO($dsh, $username, $password); 

#query for the authorization code

$query = "SELECT `authorization_code` FROM 
`directory_listing_update_authorizations` WHERE NOW() BETWEEN `start_date` AND 
`end_date` AND `authorization_code` = :authorization_code AND 
`directory_entries_reference` = :directory_entries_reference LIMIT 1;";

$stmt = $dbh->prepare($query);
$stmt->bindValue(':directory_entries_reference', $directory_entries_reference, 
$stmt->bindValue(':authorization_code', $authorization_code, PDO::PARAM_STR);

$stmt->execute() or die(print_r($stmt->errorInfo(), true));

while ($row = $stmt->fetch()) {
    if ( $row['authorization_code'] == $authorization_code ) {
        #update directory_entries.last_review with today's date
        $query = "UPDATE `directory_entries` SET `last_review` = NOW() WHERE 
`reference` = :directory_entries_reference LIMIT 1;";
        $stmt = $dbh->prepare($query);
$directory_entries_reference, PDO::PARAM_STR);
        $stmt->execute() or die(print_r($stmt->errorInfo(), true));
    } else {
        #failure, direct user to request new authorization code or login 



Reply via email to