i am new to php programming. I always get this error when i run my code
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE service_name = ''' at line 7
this is my code
<?php
session_start();
include('../conn/openconn.php');
if(isset($_POST['butsend'])) {
$servicename = strtoupper($_POST['txtservicename']);
$serviceurl = $_POST['txtserviceurl'];
$id_div = $_POST['select_div'];
$id_unit = $_POST['select_unit'];
$servicedesc = $_POST['txtservicedesc'];
$id = $_SESSION['service_name'];
$updateuser = "UPDATE service SET
service_name = '$servicename',
service_url = '$serviceurl',
id_div = '$id_div',
id_unit = '$id_unit',
service_desc = '$servicedesc',
WHERE service_name = '$id'";
mysql_query($updateuser) or die (mysql_error());
}
?>
i have already search all the previous question but due to my limited knowledge in the programming i
cannot find the solution. sorry for my bad english..
You have an extra comma. Remove it.
$updateuser = "UPDATE service SET
service_name = '$servicename',
service_url = '$serviceurl',
id_div = '$id_div',
id_unit = '$id_unit',
service_desc = '$servicedesc', <-- HERE
WHERE service_name = '$id'";
Related
im busy trying to set multiple fields in my DB and it is not working for some reason. Can you take a look and let me know where i have gone wrong? Thank you
<?php
error_reporting('E_ALL');
include 'db_header.php';
$id = $_GET['ID'];
$bronzeTokens = $_GET['bronzeTokens'];
$silverTokens = $_GET['silverTokens'];
$goldTokens = $_GET['goldTokens'];
$platinumTokens = $_GET['platinumTokens'];
$sql = "UPDATE Player SET bronzeTokens = $bronzeTokens, goldTokens = $goldTokens, silverTokens = $silverTokens, platinumTokens = $platinumTokens WHERE ID = $id";
$result = $conn->query($sql);
?>
I don't know why, but for some reason the code below is not working as intended
$SQL = "UPDATE characters SET
name = '$char_name',
status = '$char_status',
gender = $char_gender,
pos.x = $char_posx,
pos.y = $char_posz,
shards = $char_money,
level = $char_level,
exp = $char_exp,
hair = $char_hair,
color.r = $char_color_r,
color.g = $char_color_g,
color.b = $char_color_b,
spawn = $char_spawn
WHERE username = '$nick'";
mysql_query($SQL) or die("ERRORCODE 04 - DB QUERY FAIL");
echo "saved";
it's always giving me the "ERRORCODE 04.." meaning that the query failed..
FYI: setting pos.y db value to the char_posz is correct as the axes are different from the Form to the actual database
EDIT: code now changed a bit due to some comments, looks now like this:
$SQL = "UPDATE characters SET
name = '$char_name',
status = '$char_status',
gender = $char_gender,
pos_x = $char_posx,
pos_y = $char_posz,
shards = $char_money,
level = $char_level,
exp = $char_exp,
hair = $char_hair,
color_r = $char_color_r,
color_g = $char_color_g,
color_b = $char_color_b,
spawn = $char_spawn
WHERE username = '$nick'";
mysqli_query($dbcon, $SQL) or die(mysqli_error($dbcon));
echo "saved";
this is the error I get:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '
pos_x = ,
pos_y = ,
shards = ,
' at line 4
Try to put single quotes around all variables in the query
Hi i have a reads counter, but i always get an MySQL error:
MySQL Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''reads') VALUES ('2') WHERE id = '20'' at line 1
$reads = $row['reads']+1;
$newsid = $row['id'];
if(!$query = $db->query("UPDATE cmsss_news_articles SET reads = '$reads' WHERE id = '$newsid'")) {
echo "<center><b>Error, cant update row</b></center>";
}
Can you please help me where is the mistake?
reads is a reserved word in MySQL. Escape it with backticks.
UPDATE cmsss_news_articles
SET `reads` = '$reads'
...
Reads is a reverse key word in MySQL, hence put that in backquotes.
try this:
if(!$query = $db->query("UPDATE cmsss_news_articles SET `reads` = '$reads' WHERE id = '$newsid'")) { ^^
echo "<center><b>Error, cant update row</b></center>";
}
You can also loose the increment variable to gain some performance and simplicity.
$newsid = $row['id'];
if(!$query = $db->query("UPDATE cmsss_news_articles SET `reads` = `reads` + 1 WHERE id = '$newsid'")) {
echo "<center><b>Error, cant update row</b></center>";
}
Dear friend i am trying to update the recode but the following message always come up
" You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 9"
the code looks fine but i do not understand what i am doing wrong can someone help.
thanks in Advance.
<?php
if(isset($_POST['edit'])){
// this id wil be pulled from the URL above.
$hot_id = $_GET['hotl'];
$hotel_name = escape_value($_POST['title']);
$hotel_star = escape_value($_POST['category']);
$shortdes = escape_value($_POST['shortdes']);
$country = escape_value($_POST['country']);
$address = escape_value($_POST['address']);
$pcode = escape_value($_POST['pcod']);
$city = escape_value($_POST['city']);
$query = "UPDATE Hotels SET
hotel_name = '{$hotel_name}',
star ='{$hotel_star}',
description = '{$shortdes}',
country = '{$country}',
hotel_address = '{$address}',
hotel_postal_code = '{$pcode}',
hotel_city = '{$city}'
WHERE hotel_id = {$hot_id}";
$result = mysql_query($query, $connection);
if(mysql_affected_rows() == 1){
//Success
}else{
die("Some thing wrong with the Upadate: ". mysql_error());
}
}else{
//error ocurred
}
?>
i am posting my question in both PHP and Mysql Forum because i do not know exaectly where is the problem.
The easiest way to debug SQL statements (as mentioned above) is to echo out your query before you submit it and see exactly what you are sending to the database. That being said, why don't you try putting some quotes(' ') around your $hot_id var:
WHERE hotel_id = '{$hot_id}'
Somewhere in the update there should be $hot_id:
"UPDATE Hotels SET
hotel_name = '{$hotel_name}', hotel_id = '{$hot_id}', etc
This code below gives me this error:
"You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''' where id = '000'' at line 1"
I don't understand the issue here
<?php
include(".conf.php");
$con = mysql_connect($conf['db_hostname'], $conf['db_username'], $conf['db_password']) or die (mysql_error());
$db = mysql_select_db("aTable", $con);
$pr = $_GET['aThing'];
$pr = addslashes(htmlentities($prof));
$info_array = mysql_query("SELECT * FROM '$db' where id = '$pr'", $con) or die(mysql_error());
while($row = mysql_fetch_array( $info_array )) {
echo $row['aThing'];
echo "</br>";
echo $row['aThing'];
echo "</br>";
echo $row['aThing'];
echo "</br>";
echo $row['aThing'];
};
?>
Thanks for your help.
You should put table name into FROM : SELECT * FROM aTable WHERE .....Also, you don't escape variable that comes from user.
You will need something like :
mysql_query("SELECT * FROM aTable where id = '".mysql_real_escape_string($pr)."'", $con) or die(mysql_error());
Function mysql_select_db returns either TRUE or FALSE
Instead, try:
$info_array = mysql_query("SELECT * FROM aTable where id = '$pr'", $con) or die(mysql_error());
Or perhaps:
$dbtable = "aTable";
$info_array = mysql_query("SELECT * FROM $dbtable where id = '$pr'", $con) or die(mysql_error());
I am pretty sure it doesn't have any errors with the exception of the
fatal error killing it.
I would say you'll get to a solution faster if you believe MySQL when it tells you there's a problem.
Re-reading the error message:
You have an error in your SQL syntax; check the manual that
corresponds to your MySQL server version for the right syntax to use
near ''' where id = '000'' at line 1
I would question the table name and the quotes around the id. If that's an integer column, I'd expect to see a number without quotes.
If I remember correctly, mysql_select_db returns true or false. It doesn't return database name.