I need to update my database so I write:
try {
$STH = $db->prepare("UPDATE zemljiste (naziv, ha, ar, m2, udeo_ha, udeo_ar, udeo_m2, lokacija, osnov, kat_kul, 2013_kol, ocekivano) VALUES (:1,:2,:3,:4,:5,:6,:7,:8,:9,:10,:11,:12) WHERE id = :id_akt AND user_id=:13");
$STH->bindParam(':id_akt', $_POST['naziv']);
$STH->bindParam(':1', $_POST['naziv']);
$STH->bindParam(':2', $_POST['ha']);
$STH->bindParam(':3', $_POST['ar']);
$STH->bindParam(':4', $_POST['m2']);
$STH->bindParam(':5', $_POST['udeo_ha']);
$STH->bindParam(':6', $_POST['udeo_ar']);
$STH->bindParam(':7', $_POST['udeo_m2']);
$STH->bindParam(':8', $_POST['lokacija']);
$STH->bindParam(':9', $_POST['osnov']);
$STH->bindParam(':10', $_POST['kultura']);
$STH->bindParam(':11', $_POST['prinos_2013']);
$STH->bindParam(':12', $_POST['ocekivano']);
$STH->bindParam(':13', $user_id);
$STH->execute();
but I get error:
SQLSTATE[42000]: Syntax error or access violation: 1064 You have an
error in your SQL syntax; check the manual that corresponds to your
MySQL server version for the right syntax to use near '(naziv, ha, ar,
m2, udeo_ha, udeo_ar, udeo_m2, lokacija, osnov, kat_kul, 2013_ko' at
line 1Data submitted successfully
How I can solve this?
What is exactly error in my code?
UPDATE syntax is wrong and you should avoid integer placeholders
$query ="UPDATE `zemljiste`
SET naziv = :naziv, ha = :ha, ar = :ar, m2 = :m2, udeo_ha = :udeo_ha,
udeo_ar = :udeo_ar, udeo_m2 = :udeo_m2, lokacija=:lokacija, osnov = :osnov,
kat_kul = :kultura, 2013_kol=:prinos_2013, ocekivano = :ocekivano
WHERE id = :id_akt AND user_id=:user_id";
$STH = $db->prepare($query);
$STH->bindParam(':id_akt', $_POST['naziv']);
$STH->bindParam(':naziv', $_POST['naziv']);
$STH->bindParam(':ha', $_POST['ha']);
$STH->bindParam(':ar', $_POST['ar']);
$STH->bindParam(':m2', $_POST['m2']);
$STH->bindParam(':udeo_ha', $_POST['udeo_ha']);
$STH->bindParam(':udeo_ar', $_POST['udeo_ar']);
$STH->bindParam(':udeo_m2', $_POST['udeo_m2']);
$STH->bindParam(':lokacija', $_POST['lokacija']);
$STH->bindParam(':osnov', $_POST['osnov']);
$STH->bindParam(':kultura', $_POST['kultura']);
$STH->bindParam(':prinos_2013', $_POST['prinos_2013']);
$STH->bindParam(':ocekivano', $_POST['ocekivano']);
$STH->bindParam(':user_id', $user_id);
$STH->execute();
You're using a syntax for INSERT statement in UPDATE, which is wrong.
It should look like this,
UPDATE table SET key=:value, key1=:value1 WHERE id=:id AND foo=:bar. So just replace,
"UPDATE zemljiste (naziv, ha, ar, m2, udeo_ha, udeo_ar, udeo_m2, lokacija, osnov, kat_kul, 2013_kol, ocekivano) VALUES (:1,:2,:3,:4,:5,:6,:7,:8,:9,:10,:11,:12) WHERE id = :id_akt AND user_id=:13"
with
UPDATE zemljiste SET naziv =:1, ha =:2, ...... WHERE id=:id_akt AND user_id = :13
You are using the wrong syntax for update. It should be:
UPDATE zemljiste SET naziv=:1, ha=:2, ar=:3, ... WHERE ...
Related
I am trying to update a simple query and I keep getting the following error message...
SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ':cat_name, menu_category_description = :cat_desc WHERE id = :id' at line 1
The query I am using looks perfectly valid. I don't know why it keeps showing that error message.
Below is my query I am using.
$query = "UPDATE menu_categories SET menu_category_name = :cat_name, menu_category_description = :cat_desc WHERE id = :id ";
$stmt = $db->query($query);
$stmt->execute([":cat_name" =>$category_name, ":cat_desc" => $category_description, ":id" => $id ]);
You need to first prepare your query: (you're querying instead of preparing)
change this line:
$stmt = $db->query($query);
to:
$stmt = $db->prepare($query);
then change this line
$stmt->execute([":cat_name" =>$category_name, ":cat_desc" => $category_description, ":id" => $id ]);
to (and remove the square brackets)
$stmt->execute(":cat_name" =>$category_name, ":cat_desc" => $category_description, ":id" => $id);
See if this works for you,
$query = "UPDATE menu_categories SET menu_category_name = :cat_name, menu_category_description = :cat_desc WHERE id = :id ";
$stmt = $db->prepare($query);
$stmt->bindParam(':cat_name', $category_name);
$stmt->bindParam(':cat_desc ', $category_description);
$stmt->bindParam(':id', $id);
$stmt->execute();
Also, where are you defining values for your $category_name, $category_description, $id? Make sure they are not empty.
Here's an example of Updating PDO
$pdo = Database::getInstance();
$stmt = $pdo->db->prepare("UPDATE people SET reset='1', active=:acTive WHERE user_id=:id limit 1");
$stmt->bindParam(':acTive', $_POST['active_key']);
$stmt->bindParam(':id', $_POST['id']);
$stmt->execute();
Hope it helps
I have this code php pdo for update value into datatabase:
try {
$DBH = new PDO($dsn, $user, $pass, $opt);
$STH = $DBH->prepare("UPDATE track_aktivnosti SET vrednost = :4, WHERE id_akt = :1, naziv = :3, datum = :2");
$STH->bindParam(':1', $_POST['ajdi']);
$STH->bindParam(':2', $_POST['datum']);
$STH->bindParam(':3', $_POST['tabela']);
$STH->bindParam(':4', $_POST['vrednost']);
but I get this error:
SQLSTATE[42000]: Syntax error or access violation: 1064 You have an
error in your SQL syntax; check the manual that corresponds to your
MySQL server version for the right syntax to use near 'WHERE id_akt =
'25', naziv = 'Laza Lazic', datum = '2013-04-01'' at line 1Data
submitted successfully
What is can be probem here? Why I cant update vrednost with this query?
You have multiple errors:
1) Get rid of the comma before your WHERE clause:
SET vrednost = :4, WHERE id_akt = :1
^^^^
HERE
2) Get rid of the commas in your WHERE clause. The correct syntax is to use AND (or OR):
WHERE id_akt = :1, naziv = :3, datum = :2"
^^^^^ ^^^^^
HERE HERE
should be:
WHERE id_akt = :1 AND naziv = :3 AND datum = :2"
Remove comma before your where clause and use conditional operators like (AND/OR)
UPDATE track_aktivnosti SET vrednost = :4
WHERE id_akt = :1 AND naziv = :3 AND datum = :2
I've got an error with my update query in PHP... I've seen other people's mistakes, and I'm almost certain I'm not making the same old mistakes, but I may be ignoring one.
This is my code:
$sQuery = "UPDATE clientes
SET
Nombre = '$_POST[Nombre]',
Apellidos = '$_POST[Apellidos]',
Telefono = '$_POST[Telefono]',
Email = '$_POST[Email]',
WHERE ID= $sIDCliente";
First I thought it had a problem with the $_POST's, but when I echo'ed the query, it was allright. The error I get is this one:
You have an error in your SQL syntax; check the manual that corresponds to
your MySQL server version for the right syntax to use
near 'WHERE ID= F17DEF774C' at line 7
Well, that's what the page outputs. Thank you all before hand :)
You have an extra comma in the row
Email = '$_POST[Email]',
should be
Email = '$_POST[Email]'
edit:
Also I should mention that you are better off using parameterized queries, and then binding the parameters. It makes your database transactions more secure.
So in your case it would look like this
$mysqli = new mysqli('localhost', 'my_user', 'my_password', 'world');
$stmt = $mysqli->prepare("
UPDATE clientes
SET
Nombre = ?,
Apellidos = ?,
Telefono = ?,
Email = ?
WHERE ID= ?
");
$stmt->bind_param('ssssd', $_POST[Nombre], $_POST[Apellidos], $_POST[Telefono], $_POST[Email], $sIDCliente);
$stmt->execute();
The below sql UPDATE statement returns an error but I'm unable to see why:
Failed to run query: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ')' at line 6
I already did a vardump of the array that I pass to bind the parameters but I see nothing unusual. The correct values are passed and I double checked for typos.
What I try to accomplish is to auto-generate a username based on firstname - lastname and user_id after insertion into the database.
Perhaps additional question: do you see any harm in that and if so, what is your suggestion?
I'm still in PHP learning phase.
Thanks.
...
//Autogenerate user_name based on first name, last name and user_id (auto-increment)
$query_username = "
UPDATE user_tbl
SET
user_name = :username
WHERE
user_id = :userid
)
";
// The parameter values
$query_params_username = array(
':username' => $_SESSION['user']['first_name'].".".$_SESSION['user']['last_name'].$_SESSION['user']['user_id'],
':userid' => $_SESSION['user']['user_id']
);
try
{
// Execute the query against the database
$stmt_username = $db->prepare($query_username);
$stmt_username->execute($query_params_username);
}
catch(PDOException $ex)
{
//Not to be used in production
die("Failed to run query: " . $ex->getMessage());
}
$_SESSION['user']['username'] = $_SESSION['user']['first_name'].".".$_SESSION['user']['last_name'].$_SESSION['user']['user_id'];
You had a closing parentheses after user_id = :userid
Try the following:
$query_username = "
UPDATE user_tbl
SET
user_name = :username
WHERE
user_id = :userid
";
Try doing this:
$query_username = "
UPDATE `user_tbl`
SET `user_name` = :username
WHERE `user_id` = :userid
";
There seems to be a lost ) character in your code.
I'm trying to run the following query:
$sth = "UPDATE `users` SET users_password VALUES (:hash) WHERE users_id = $users_id";
$q = $conn->prepare($sth);
$q->execute(array(':hash'=>$hash));
But Im getting the following:
Uncaught exception 'PDOException' with message 'SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'VALUES ('$2y$12$Ao46iC7W9Lj8FFfSmAaeoeQs9O.3QRVtDbHAyvpzH90YIUN61ma8i') WHERE us' at line 1'
Any ideas?
(and yes the code isn't in a try, catch block yet just experimenting at them moment with a few things)
change this
$sth = "UPDATE `users` SET users_password VALUES (:hash) WHERE users_id = $users_id";
to
$sth = "UPDATE `users` SET users_password = :hash WHERE users_id = $users_id";