Can someone tell me when you prepare() a statement (in my case an update statement) and then execute() it, I then check using rowCount() after the update query (see code below) if rowCount() > 0 if it is then a match was found and update took place, but I then got an else statement.
To make sure I am not confusing myself with syntax errors and conditions in statements, I want to ask in my code below (have commented specific area in detail) does the else statement basically mean cannot update because a match was not found and/or a possible syntax error or some other error? I think it means what I put in bold just want to ensure I am not confusing myself.
Please ignore the SQL UPDATE syntax itself in the prepare statement as it’s wrong and will deal with later. I think the code explains better along with a detailed comment in area I am talking about.
// check if key is set and alphanumeric and equals 40 chars long
// we use sha1 so it will always be 40 chars long.
if(isset($_GET['key']) && ctype_alnum($_GET['key']) && strlen($_GET['key']) == 40){
$key = trim($_GET['key']);
}
// if key isset and valid
if(isset($key)){
try {
// connect to database
$dbh = sql_con();
// checke if activation key matches and user_uid matches
$stmt = $dbh->prepare("
SELECT
users_status.user_uid,
users_status.user_activation_key
FROM
users_status
JOIN
users
ON
users_status.user_activation_key = ?
AND
users_status.user_uid = users.user_uid LIMIT 1");
// execute query
$stmt->execute(array($key));
// if row count greater than 0 then match found
if ( $stmt->rowCount() > 0 ) {
// user verified; we now must update users status in users table to active = 1
// and set the user_activation_key in the users_status to NULL
$stmt = $dbh->prepare("
UPDATE
users.user_status,
users_status.user_activation_key
SET
user_status = ".USER_STATUS_ACTIVE.",
user_activation_key = NULL
JOIN
users
ON
users_status.user_activation_key = ?
AND
users_status.user_uid = users.user_uid LIMIT 1");
// execute query
$stmt->execute(array($key));
if ( $stmt->rowCount() > 0 ) {
echo 'account now activated';
exit;
} else {
// update not sucessful
// THIS IS THE BIT IM CONFUSED WITH;
// IF RETURNED RESULT IS 0 (WHICH IT WILL BE IF I GET HERE WHEN RUNNING SCRIPT)
// THEN I GUESS THAT MEANS THERE WAS NOT AN ERROR IN SQL SYNTAX BUT
// CONDITION IN SQL STATEMENT COULD NOT BE MATCHED ? IS THAT CORRECT WHAT I AM THINKING ?
// IF I AM CORRECT THEN OBVIOUSLY I WILL DISPLAY A MESSAGE TO USER AND EXIT HERE;
// AS IF I AM THINKING RITE ANY SYNTAX ERROR WOULD BE CAUGHT BY CATCH BLOCK AND THIS ELSE STATEMENT
// MEANS COULD NOT UPDATE BECAUSE NO MATCH IN UPDATE QUERY COULD BE FOUND ?
}
} // else no match found
else {
// no match found invalid key
echo '<h1>Invalid Activation Link</h1>';
$SiteErrorMessages =
"Oops! Your account could not be activated. Please recheck the link in your email.
The activation link could not be found or the account has already been activated.";
SiteErrorMessages();
include($footer_inc);
exit;
}
// close database connection
$dbh = null;
} // if any errors found log them and display friendly message
catch (PDOException $e) {
ExceptionErrorHandler($e);
require_once($footer_inc);
exit;
}
} else {
// else key not valid or set
echo '<h1>Invalid Activation Link</h1>';
$SiteErrorMessages =
"Oops! Your account could not be activated. Please recheck the link in your email.
The activation link appears to be invalid.<br /><br />
If the problem persists please request a new one <a href='/member/resend-activation-email'>here</a>.";
SiteErrorMessages();
include($footer_inc);
exit;
}
You are right:
Then it means no rows has been updated.
If you heve sql errors or errors while executing query you receive a FALSE return value or also a PDO EXCEPTION when you execute