I'm trying to figure out why on earth the query below isn't working. Basically it checks if a checkbox is checked, if it is the checkboxes relating variable and therefore mysql record is set to 1. If the checkbox isn't checked its set to 0. I've added multiple different troubleshooting and error reporting snippets - no errors. Yet no success? This is driving me mad. Any advice is warmly welcomed! Thank you.
if(isset($_POST['updateUser'])){
$mysqli = mysqli_connect($config['host'],
$config['user'],
$config['pass'],
$config['db']);
foreach($_POST as $k => $v) {
$check[$k] = isset($_POST[$k]) ? 1 : 0;
}
$query = "UPDATE users_permissions SET editComments = ?,
editTopics = ?,
editArticles = ?,
autoApprove = ?,
allowArticleMod = ?,
courseAuthor = ?,
seeFinance = ?,
editUsers = ?,
editUsersPermissions = ?,
editSuperUsers = ?,
editWL = ?
WHERE
userid = ?";
$stmt = $mysqli->prepare($query);
$stmt->bind_param('iiiiiiiiiiii',
$check['editComments'],
$check['editTopics'],
$check['editArticles'],
$check['autoApprove'],
$check['allowArticleMod'],
$check['courseAuthor'],
$check['seeFinance'],
$check['editUsers'],
$check['editUsersPermissions'],
$check['editSuperUsers'],
$check['editWL'],
$profileData['userid']);
$profileData['userid']);
$stmt->execute();
}
UPDATED: Changes made to code to reflect suggestion made by @Floris
I'm sorry but those if-blocks hurt my eyes. I know it's not really "the" answer but you should do this instead:
$checks = [];
foreach($_POST as $k => $v) {
$checks[$k] = isset($_POST[$k]) ? 1 : 0;
}
Now you have an array called $checks which has all the $_POST keys as you had before with a 0/1 value depending on whether it was set, and you skip a whole bunch of ugly code! Yay! Now, just replace the bind_param vars with $check vars.
EDIT - More code, with comments:
//Go through each variable in the $_POST array, using "$k" to refer to the key and "$v" to the value,
//So, $_POST["editComments"] = "foo" would have $k = "editComments" and $v = "foo"
foreach($_POST as $k => $v) {
//This is a shorthand if-statement which basically means: if isset($_POST[$k]) == true, $checks[$k] = 1. Else, $checks[$k] = 0.
$checks[$k] = isset($_POST[$k]) ? 1 : 0;
}
//Nothing new here
$query = "UPDATE users_permissions SET editComments = ?,
editTopics = ?,
editArticles = ?,
autoApprove = ?,
allowArticleMod = ?,
courseAuthor = ?,
seeFinance = ?,
editUsers = ?,
editUsersPermissions = ?,
editSuperUsers = ?,
editWL = ?
WHERE
userid = ?";
$stmt = $mysqli->prepare($query);
//So here's how to bind the $checks variables:
$stmt->bind_param('iiiiiiiiiiii', $checks["editComments"],
$checks["editTopics"], //and so on
$editArticles,
$autoApprove,
$allowArticleMod,
$courseAuthor,
$seeFinance,
$editUsers,
$editUsersPermissions,
$editSuperUsers,
$editWL,
$profileData['userid']);
$stmt->execute();