This all worked before I added the section to update "last_update".
if((time() - $last_update) > 7200){
$sql = $dbh->prepare("UPDATE item_list SET quantity=:quantity, price=:price, last_update=:now WHERE item_name=:itemname");
$sql->bindParam(':quantity', $json->volume);
$sql->bindParam(':price', $json->lowest_price);
$sql->bindParam(':itemname', $row['Item_Name']);
$sql->bindParam(':now', "NOW()"); //This doesn't work
$sql->execute();
}
When this is called I want to make last_update the date and time now. In the database it is currently a DATETIME, and when I last_update I origianly set them to NOW();
Doing this I get the error Fatal error: Cannot pass parameter 2 by reference in.... Directory
I know it expects a variable, I'm not sure how to fix it though. I tried setting
$now = "NOW()"; $sql->bindParam(':now', $now);
No prevail. Any help?
Why you need to bind, just put NOW() directly
$sql = $dbh->prepare("UPDATE item_list SET quantity=:quantity, price=:price, last_update=now() WHERE item_name=:itemname");
If your last_update column is looking for a UNIX timestamp, then do :
$now = time();
$sql->bindParam(':now', $now);
If it's after a different time format, use date(), and the relevant formatting it has to set the date and time
You can keep your bind query as it is & remove the last_update column from the query.
Since you are updating other things in the record via another query, then you can set the default value of the field last_update to CURRENT_TIMESTAMP & set it's attribute as ON UPDATE CURRENT_TIMESTAMP. That will ensure it automatically updates itself with the current time now() whenever that record is updated.
It wouldn't be the best thing to remove bind() as you rightly said to prevent SQL injection attempts.