I have found many ways to use the exec statement for PDO, but I'm not sure it helps me. My understanding is that I have to use the execute() function for prepared statements. I am updating a row with data from user input, so I would like to use a prepared statement instead of the query() call.
My code is as follows:
$dbh = buildDBConnector();
$sql = "UPDATE tb_users
WHERE id = ? AND authPass = ?";
$q = $dbh->prepare($sql);
$f = $q->execute(array($id,$authPass));
echo '<br />Success<br />';
echo '<br />Failure<br />';
$q->rowCount(). Prepared statements will return the number of affected rows via that method.