php and mysql syntax issues using update statements - php

i am trying to figure out the syntax problem in my query
the block of code goes like this:
$updatequery = "update patient_dim set dentist_id = $dentist_id where".
"patient_id = $patient_id";
$queryResult = mysql_query($updatequery,$con);
if(!$queryResul){
trigger_error("insert error" . mysql_error());
}
mysql_close($con);
then the error goes like this:
Notice: inssert errorYou have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\"1" where patient_id = 4'
i suspect incorrect syntax in the $updatequery statement
for further information value of the $patient_id = 1 while the value of the $dentist_id = 4, i have tried all of your approaches still the same error. anyway thanks your helping

Your query needs space after where
$updatequery = "update patient_dim set dentist_id = $dentist_id where patient_id = $patient_id";

$updatequery = "update patient_dim set dentist_id = $dentist_id where".
" patient_id = $patient_id";
you forgot to add space after WHERE clause

After WHERE Clause there must be a blank space before the condition.
Use as follows.
<?php
$updatequery = "update patient_dim set dentist_id = ".$dentist_id ." where patient_id = ".$patient_id;
$queryResult = mysql_query($updatequery);
if(!$queryResult){
die("insert error" . mysql_error());
}
mysql_close($con);
?>

Related

Check the manual that corresponds to your MariaDB server version for the right syntax to use near 'WHERE id ='2'' at line 4

I have a problem with my UPDATE code. It gives me this error:
Update Failed!! You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'WHERE id ='2'' at line 4
I'm searching online and I cant find any solution to my problem.
THIS IS MY UPDATE CODE:
<?php
include('db.php');
$id = $_GET['id'];
if (isset($_POST['id'])){
$sql = "UPDATE tbl_student SET stud_id ='".$_POST['stud_id']."',
fullname ='".$_POST['fullname']."',
course ='".$_POST['course']."',
WHERE id ='".$_POST['id']."'";
$result = $conn->query($sql) or die ("Update Failed!!" . $conn->error);
header("location: index.php");
}
else {
echo "ERROR" . $conn->error;
header ("location: update.php");
}
?>
You have added , at last after course . Remove it. Change your query to:
$sql = "UPDATE tbl_student SET stud_id ='".$_POST['stud_id']."',
fullname ='".$_POST['fullname']."',
course ='".$_POST['course']."'
WHERE id ='".$_POST['id']."'";

Syntax error near 'WHERE emp_id = $emp_id' at line 1

I've been trying to make a php form page for the users of my website.
When I open the .php page I got the standard error message :
Could not enter data: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'WHERE emp_id = $emp_id' at line 1
Can anybody help me with the syntax of these commands ???
The Code is here :
<?php
include 'dbc.php';
$emp_id = $_POST['emp_id'];
$emp_name = $_POST['emp_name'];
$emp_address = $_POST['emp_address'];
$emp_salary = $_POST['emp_salary'];
$emp_date = $_POST['join_date'];
$sql = 'INSERT INTO employee SET emp_salary = $emp_salary WHERE emp_id = $emp_id';
mysql_select_db($dbname);
$retval = mysql_query( $sql, $conn );
if(! $retval )
{
die('Could not enter data: ' . mysql_error());
}
echo "Entered data successfully\n";
mysql_close($conn);
?>
The query syntax is wrong. You have to use UPDATE query. As you are enclosing the query in single quote, the PHP variables won't get replaced. So change
$sql = 'UPDATE employee SET emp_salary = $emp_salary WHERE emp_id = $emp_id';
to
$sql = "UPDATE employee SET emp_salary = $emp_salary WHERE emp_id = $emp_id";
or
$sql = 'UPDATE employee SET emp_salary = '.$emp_salary.' WHERE emp_id = '.$emp_id;
Hi again all you good people
I thanks very much for the amount of answers !
The right solution was found and the problem is solved with this statement:
$sql = "UPDATE `employee` SET `emp_salary` = '$emp_salary' WHERE emp_id = '$emp_id'";
Most of you was inded right about the syntax and the choice about UPDATE.
The above statement function very well, but it was a bit hard to find the way.
Thanks again for all your kindness, help and time to answer my help
John Engelsby-Hansen
$sql = 'UPDATE employee SET emp_salary=$emp_salary WHERE emp_id = '.$emp_id;
Insert query should be
$sql = 'INSERT INTO employee SET emp_salary = $emp_salary'; // it is valid without where clause
and there is no meaning for Where clause in Insert Qqery
Actually, if You want to update record then write an update query where we have to set values for column
Like
$sql = 'Update employee SET emp_salary= $emp_salary WHERE emp_id = $emp_id';
Your Update Query is wrong
If its an UPDATE query then it should be
UPDATE employee SET emp_salary = $emp_salary WHERE emp_id = $emp_id
And if you are trying to insert a row then how can you use a WHERE condition?
WHERE condition are used in cases of UPDATE QUERY, NOT INSERT QUery

Why wont this mysql update script work?

I have been beating my head against a wall for a few hours now trying to get this to update my DB.
<?
//edit_item_data.php
$con=mysqli_connect("localhost","root","","Inventory");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$sql= "UPDATE Item
SET Catagory = '$_POST[Catagory]',
Cost = '$_POST[Cost]',
Condition = '$_POST[Condition]',
PurchaseLot_PurchaseLotID = '$_POST[PurchaseLot]',
Location = '$_POST[Location]',
Desc = '$_POST[Desc]',
Notes = '$_POST[Notes]'
WHERE
ItemID = '$_POST[id]'";
if (!mysqli_query($con,$sql))
{
die('Error: ' . mysqli_error($con));
}
echo "1 record added";
mysqli_close($con);
?>
<script type='text/javascript'>
settimeout('self.close()',5000);
</script>
this is the error I'm getting
Error: You have an error in your SQL syntax; check the manual that corresponds to
your MySQL server version for the right syntax to use near 'Condition = New,
PurchaseLot_PurchaseLotID = 1, Location = e' at line 4
I'm running mysql 5.6 and php 5.5. I'm sure its something dumb but I can't for the life of me see what it is.
Well you are hilariously vulnerable to SQL injection doing what you are doing, but the problem is that you aren't enclosing your variables in quotes, e.g:
SET Catagory = '$_POST[Catagory]',
-- etc
Use mysqli_real_escape_string to escape your variables before you put them into your SQL, like this:
SET Catagory = '" . mysqli_real_escape_string($_POST['Catagory'], $con) . "',
You want something like this:
$sql = "UPDATE `Item` SET
`Catagory` = '".mysqli_real_escape_string($_POST['Catagory'],$con)."',
`Cost` = '".mysqli_real_escape_string($_POST['Cost'],$con)."',
........
WHERE `ItemID` = ".intval($_POST['id']);
Side-note, it's spelled "category".
EDIT: If you, like me, can't be arsed to type out such a long function name...
$e = function($str) use ($con) {
return mysqli_real_escape_string($str,$con);
};
Then:
... `Catagory` = '".$e($_POST['Catagory'])."' ...
The real issue was lack of grave accents
SET `Catagory` = '$_POST[Catagory]',

MySQL error When Update the database

$column = "`0907001`='0',`0907002`='0',`0907003`='0',`0907004`='0',`0907005`='0'";
$date="01/01/2013";
$sql_cmd = "UPDATE `$database`.`$table` SET ($column) WHERE `$table`.`Date` = '$date'";
if(!mysql_query($sql_cmd)) {
die('inside AddUserToDataBase Error: ' . mysql_error());
}
Here I got an error
the error is
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '(`0907001`='0',`0907002`='0',`0907003`='0',`0907004`='0',`0907005`='0') WHERE `C' at line 1
Please Help....
How can I solve this problem........
Just drop the ( ) around $columns in the query:
$sql_cmd = "UPDATE `$database`.`$table` SET $column WHERE `$table`.`Date` = '$date'";
Remove the parenthesis around the columns. Instead of:
UPDATE TABLE table SET (column = value)
It should be
UPDATE TABLE table SET column = value

php mysql update error

code :
mysql_connect('localhost','root','root');
mysql_select_db('share_counter');
$sql_insert = "UPDATE wpshare SET '$social_name'='45' where post_title = '$post_title' ";
mysql_query($sql_insert) or die(mysql_error());
error :
You have an error in your SQL syntax;
check the manual that corresponds to
your MySQL server version for the
right syntax to use near
''twitter_count'='45' where post_title
= 'test'' at line 1
thanks advance
omit the quotes over $social_name
$sql_insert = "UPDATE wpshare SET $social_name='45' where post_title = '$post_title' ";
quotes around the column names (aka $social_name) should be like this ` not like this '
so $sql_insert = "UPDATE wpshare SET `$social_name`='45' where post_title = '$post_title' ";
and if your column names have no spaces , you can just remove the quotes ...
$sql_insert = "UPDATE `wpshare` SET `$social_name`='45' WHERE `post_title` = '$post_title'";

Categories