fulwilerdavid has asked for the wisdom of the Perl Monks concerning the following question:

I don't know why I am trying this I may be able to find the answer if any one even answers. This is a question about making an update work. This is for a non profit food pantry where we are trying to track the visitors here is the whole script. It seems like you are picky about how much a person puts in but I have no other idea how to do this. 
#!/usr/bin/perl -wc
# vitals1u.cgi


use CGI ":standard";
use DBI;
use strict;
use CGI::Carp qw( fatalsToBrowser );


my $dbh = DBI->connect("DBI:mysql:interchange:", 'fang', '7864221a');

#  get the posted data
  
   my $id = param('id') || ' ';
   my $lnamek = param('lnamek') || ' ';
   my $fname = param('fname') || ' ';
   my $lname = param('lname') || ' ';
   my $address = param('address') || ' ';
   my $apt = param('apt') || ' ';
   my $city = param('city') || ' ';
   my $state = param('state') || ' ';
   my $zip = param('zip') || ' ';
   my $dob = param('dob') || ' ';
   my $men = param('men') || ' ';
   my $women = param('women') || ' ';
   my $boys = param('boys') || ' ';
   my $girls = param('girls') || ' ';


   my $sth = $dbh->prepare("UPDATE vitals1 SET id = ?, lnamek = ?, fna
+me = ?, 
     lname = ?, address = ?, apt = ?, city = ?, state = ?, zip = ?, 
     dob = ?, men = ?, women = ?, boys = ?, girls = ?");
     $sth->bind_param(1, $id);
     $sth->bind_param(2, $lnamek);
     $sth->bind_param(3, $fname);
     $sth->bind_param(4, $lname);
     $sth->bind_param(5, $address);
     $sth->bind_param(6, $apt);
 $sth->bind_param(7, $city);
     $sth->bind_param(8, $state);
     $sth->bind_param(9, $zip);
     $sth->bind_param(10, $dob);
     $sth->bind_param(11, $men);
     $sth->bind_param(12, $women);
     $sth->bind_param(13, $boys,);
     $sth->bind_param(14, $girls);
          or die "Could not prepare SQL: " . $dbh->errstr();
    $sth->execute(1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14);
      or die "Could not execute SQL: " . $dbh->errstr();


$sth->finish();
$dbh->disconnect();

[download]
I then get this king of feedback from the program. 
interchange:/panix/apache/cgi-bin # perl vitals1u.cgi ?id=1234&lnamek=
+glitz&fname=Gladdy&lname=Glitz&address=456+N.+astrakahn&apt=77&city=M
+ilwaukee&state=WI&zip=53488&dob=19330501&men=1&women=2&boys=&girls=&S
+ubmit=Submit
[1] 7966
[2] 7967
[3] 7968
[4] 7969
[5] 7970
[6] 7971
[7] 7972
[8] 7973
[9] 7974
[10] 7975
[11] 7976
[12] 7977
[13] 7978
[14] 7979
[2]   Done                    lnamek=glitz
[3]   Done                    fname=Gladdy
[4]   Done                    lname=Glitz
[5]   Done                    address=456+N.+astrakahn
[6]   Done                    apt=77
[7]   Done                    city=Milwaukee
[8]   Done                    state=WI
[9]   Done                    zip=53488
[10]   Done                    dob=19330501
[11]   Done                    men=1
[12]   Done                    women=2
[13]   Done                    boys=
[14]   Done                    girls=
interchange:/panix/apache/cgi-bin # Content-type: text/html

<h1>Software error:</h1>
<pre>syntax error at vitals1u.cgi line 48, near &quot;or&quot;
vitals1u.cgi had compilation errors.

[download]
I don't have a lot of faith in this methodology to work my e mail is davidfulwiler@sbcglobal.net the web site this is from is http://interchangemilwaukee.org give me a hand if you like. Dave

2006-06-27 Retitled by Corion, as per Monastery guidelines
Original title: 'DBI::MYSQL::st'

Replies are listed 'Best First'.
Re: tracking a syntax error (DBI::MYSQL::st)
by McDarren (Abbot) on Jun 27, 2006 at 01:39 UTC
    Okay, well looking at line 48 (where the error is), it seems that you've missed a closing parentheses. That is, lines 47/48 should read: 
        $sth->bind_param(14, $girls)
    );
          or die "Could not prepare SQL: " . $dbh->errstr();

    [download]

    Wrong, wrong, wrong!!! (sigh - it's too early in the morning :/)

    Anyway, it looks like line 48 is completely meaningless, so you should just remove it altogether. 

    or die "Could not prepare SQL: " . $dbh->errstr();

    [download]
    A statement like that on it's own has no meaning.

    So what you actually want is: 

       $sth->bind_param(14, $girls);
 
    $sth->execute(1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
      or die "Could not execute SQL: " . $dbh->errstr();

    [download]

    Note that the trailing semi-colon has been removed from the $sth->execute line.

    Cheers,
    Darren :)

[reply]
[d/l]
[select]
Re: tracking a syntax error (DBI::MYSQL::st)
by bart (Canon) on Jun 27, 2006 at 06:59 UTC
    I never use bind_param, but I looked it up in the docs. And it seems to me that in that case, $sth->execute should get no parameters. Also, you shouldn't try to insert other statements between two parts of one statement!

    So your lines 31-50 should become: 

       my $sth = $dbh->prepare("UPDATE vitals1 SET id = ?, lnamek = ?, fna
+me = ?, 
     lname = ?, address = ?, apt = ?, city = ?, state = ?, zip = ?, 
     dob = ?, men = ?, women = ?, boys = ?, girls = ?")
          or die "Could not prepare SQL: " . $dbh->errstr();
   $sth->bind_param(1, $id);
   $sth->bind_param(2, $lnamek);
   $sth->bind_param(3, $fname);
   $sth->bind_param(4, $lname);
   $sth->bind_param(5, $address);
   $sth->bind_param(6, $apt);
   $sth->bind_param(7, $city);
   $sth->bind_param(8, $state);
   $sth->bind_param(9, $zip);
   $sth->bind_param(10, $dob);
   $sth->bind_param(11, $men);
   $sth->bind_param(12, $women);
   $sth->bind_param(13, $boys,);
   $sth->bind_param(14, $girls);
   $sth->execute
      or die "Could not execute SQL: " . $dbh->errstr();

    [download]
    but I'd prefer to no use bind_param, and do this instead: 
       my $sth = $dbh->prepare("UPDATE vitals1 SET id = ?, lnamek = ?, fna
+me = ?,
     lname = ?, address = ?, apt = ?, city = ?, state = ?, zip = ?,
     dob = ?, men = ?, women = ?, boys = ?, girls = ?");
    $sth->execute($id, $lnamek, $fname, $lname, $address, $apt, $city,
+ $state, $zip, $dob, $men, $women, $boys, $girls);
          or die "Could not execute SQL: " . $dbh->errstr();

    [download]

    Still... are you aware that this SQL statement will update every row in your database table? You don't have a WHERE clause.

[reply]
[d/l]
[select]
      Still... are you aware that this SQL statement will update every row in your database table? You don't have a WHERE clause.

      Unless one of the fields is a primary key, then only one row is updated and a whole bunch of duplicate key update failures are generated (and ignored?).

      --Solo

      --
      You said you wanted to be around when I made a mistake; well, this could be it, sweetheart.
[reply]

Back to Seekers of Perl Wisdom