Part III: Using PHP in Practice
                   If you want to insert only some values, leaving  NULL s or other default values in the remaining fields, use:



                    INSERT INTO   table  (  field1 ,  field2 , ... ) VALUES (  value1 ,  value2 , ... );



                      Though the first approach is compact, and perfectly valid if you want to populate all the fields in the
                    row, the second approach is generally more flexible and readable.
                  So how do you insert records using your PHP script? You pass   INSERT  statements to MySQL via PDO in
                 much the same way as you pass   SELECT  statements. If you don ’ t want to pass data from any PHP
                variables, you can use the simpler   PDO::query()  method  —  for example:
                      < ?php
                    $dsn = “mysql:dbname=mydatabase”;
                    $username = “root”;
                    $password = “mypass”;

                    try {
                      $conn = new PDO( $dsn, $username, $password );
                      $conn- > setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );
                    } catch ( PDOException $e ) {
                      echo “Connection failed: “ . $e- > getMessage();
                    }

                    $sql = “INSERT INTO members VALUES ( 8, ‘derek’, password(‘mypass’), ‘Derek’,
                    ‘Winter’, ‘2008-06-25’, ‘m’, ‘crime’, ‘derek@example.com’, ‘Watching TV,
                    motor racing’ )”;

                    try {
                      $conn- > query( $sql );
                    } catch ( PDOException $e ) {
                      echo “Query failed: “ . $e- > getMessage();
                    }





                    ? >

                      Notice that, although the call to  $conn - > query()  still returns a  PDOStatement  object, the object is

                    discarded in this case. There ’ s no result set to examine, so there ’ s no need to hold onto the
                      PDOStatement  object.
                   However, chances are that you do want to insert data that is stored in PHP variables. For example, if a
                 member has just registered using a registration form, you ’ ll want to pass the form data to the   INSERT
                statement to add the member record. The safest way to do this is to create a prepared statement using
                  PDO::prepare() , as you did with  SELECT  queries in the previous chapter. You can then use
                 placeholders in the query string for each of the field values that you want to insert, and pass the data
                 into the query using calls to   PDOStatement::bindValue() . For example:
                      < ?php
                    $dsn = “mysql:dbname=mydatabase”;
                    $username = “root”;
                    $password = “mypass”;





              404





                                                                                                      9/21/09   9:14:03 AM
          c14.indd   404                                                                              9/21/09   9:14:03 AM
          c14.indd   404