We Keep Coding

I get an error with my PHP code updating one table

I get an error with my PHP code when updating the table patient. I cannot find the problem.
Here is my error:
Verification Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '1' at line 1
<?php
$edit = mysql_query("UPDATE `patient` SET `date`='$date', `fname`='$fname', `lname`='$lname', `birthday`='$dob', `address`='$address', `work`='$work', `civil`='$civil', `gender`='$sex', `btype`='$bloodtype', `height`='$hgt', `weight`='$wgt', `fallergy`='$fallergy', `mallergy`='$mallergy' WHERE `patientid`='$vara'");
$result = mysql_query($edit) or die("Verification Error: " . mysql_error());

You are calling mysql_query twice; the second time you pass the result, of the first call, into it as an argument. That is not how mysql_query works. The SQL should just be a string:
$edit = "UPDATE `patient` SET `date`='$date', `fname` ...";
$result = mysql_query($edit) or die("Verification Error: " . mysql_error());
We cannot see the rest of your code, so we do not know if there are more problems, but this should fix the problem in your question.

query failedSQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax

Query failed:
SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ':c2 , add=:c3 , mob=:c4 WHERE id=:c1' at line 1
I had a syntax error in this program,I can't update "cus" table in database.Please anyone can solve this bug.
Thankyou
My PHP codings are below:
if(isset($_POST['submit']))
{
$c1=$_POST['cid1'];
$c2=$_POST['cname1'];
$c3=$_POST['cadd1'];
$c4=$_POST['cmob1'];
$sql1 = "UPDATE 'cus' set 'name'=':c2' , 'add'=':c3' , 'mob'=':c4' WHERE 'id'=':c1'";
$st1=$conn->prepare($sql1);
$st1->bindParam(":c2",$c2,PDO::PARAM_STR);
$st1->bindParam(":c3",$c3,PDO::PARAM_STR);
$st1->bindParam(":c4",$c4,PDO::PARAM_STR);
$st1->bindParam(":c1",$c1,PDO::PARAM_INT);
$st1->execute();
header("location:frm.php");
}

You need to use backticks around table and column names, or just leave the quotes out entirely if the names are not reserved words. Single quotes are for strings. You also must NOT put placeholders inside quotes.
$sql1 = "UPDATE `cus` set `name`=:c2 , `add`=:c3 , `mob`=:c4 WHERE `id`=:c1";

Identifier quotes are not single quotes. They are supposed to be backticks. Just ditch them instead.
Placeholders doesn't need quotes wrapping them:
$sql1 = "UPDATE cus SET name = :c2 , `add` = :c3 , mob = :c4 WHERE id = :c1";
EDIT:
With the exception of the reserved word ADD. That requires backticks
if(isset($_POST['submit'])) {
$c1 = $_POST['cid1'];
$c2 = $_POST['cname1'];
$c3 = $_POST['cadd1'];
$c4 = $_POST['cmob1'];
$sql1 = "UPDATE cus SET name = :c2 , `add` = :c3 , mob = :c4 WHERE id = :c1";
$st1 = $conn->prepare($sql1);
$st1->bindParam(":c2",$c2,PDO::PARAM_STR);
$st1->bindParam(":c3",$c3,PDO::PARAM_STR);
$st1->bindParam(":c4",$c4,PDO::PARAM_STR);
$st1->bindParam(":c1",$c1,PDO::PARAM_INT);
$st1->execute();
header('Location: frm.php');
}

mysql check manual error

Came across an error i have never seen before after writing the following code:
$query= "UPDATE `Pharm_Log` SET `text` = ". $bloodtest . " WHERE `id` = " . $patientid;
$result = mysql_query($query) or die(mysql_error());
My error message was this
"You have an error in your SQL syntax; check the manual that
corresponds to your MySQL server version for the right syntax to use
near 'Pressure Test: 235/43 WHERE id = 1' at line 1"
Any one have any idea on how to fix this? would be greatly appreciated

the string literal (value of $bloodtest) must be wrap with single quotes,
$query= "UPDATE `Pharm_Log` SET `text` = '". $bloodtest . "' WHERE `id` = " . $patientid;
$result = mysql_query($query) or die(mysql_error());
As a sidenote, the query is vulnerable with SQL Injection if the value(s) of the variables came from the outside. Please take a look at the article below to learn how to prevent from it. By using PreparedStatements you can get rid of using single quotes around values.
How to prevent SQL injection in PHP?

MySQL UPDATE gives error

I have tried for hours now to update a MySQL table with PHP.
I used the following code (and several others) but it gives an error message:
$id = $_GET['id'];
if(isset($_POST['descr'])){
$go = $_POST['descr'];
mysql_query("UPDATE Rooms SET Desc='$go' WHERE Room_ID='$id'")
or die(mysql_error());
}
mysql_close($conn);
with the error: "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Desc='This room is the primary test-room. It is?' WHERE Room_ID='11'' at line 1"
The form is called: "descr", the table "Rooms", the field that needs update is "Desc" and it should be where the corresponding ID is, based on a dynamic URL.
If I write echo = $go it outputs the correct data, so I suppose it's the php.
It DOES connect correctly to the database.

Desc is a special word in mysql
try it by escape
mysql_query("UPDATE Rooms SET `Desc`='$go' WHERE Room_ID='$id'")

Assuming that ID is a number:
$id = $_GET['id'];
if(isset($_POST['descr'])){
$go = $_POST['descr'];
mysql_query("UPDATE Rooms SET `Desc`='".$go."' WHERE Room_ID=".$id.")
or die(mysql_error());
}
mysql_close($conn);

Desc is reserved for ORDER BY! Enclose it with '`' symbols!
mysql_query("UPDATE `Rooms` SET `Desc` = '".$go."' WHERE `Room_ID` = ".$id.")
or die(mysql_error());

How do I update a query correctly

Whats wrong with my code?
Basically what I'm trying to do is add a number and update a field in the sql with what is connected to the variable. But since steamids look like this STEAM_0:0:123123123 or STEAM_0:1:123123123 I get this
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ':0:14166834' at line 1
This is just for learning, so I know my code has useless echos, but its just to see it being added and making sure i was doing it correctly anyways
addmoney.php
<?php
include("inc/config.php");
$mysteamid=mysql_real_escape_string($_POST['mysteamid']);
$sql = "SELECT * FROM $tbl_name WHERE steamid='$mysteamid'";
$result=mysql_query($sql);
$cash=mysql_result($result, 0, 'cash'); // outputs 7th
echo $cash;
$newcash= $cash + "10000";
echo "\n";
echo $newcash;
mysql_query("UPDATE $tbl_name SET `cash` = $newcash WHERE `steamid` = $mysteamid") or die(mysql_error());
?>
index.php contains a working formdata its not really required with the error in my code.
my main problem is this line from addmoney.php which is
$mysql_query("UPDATE $tbl_name SET `cash` = $newcash WHERE `steamid` = $mysteamid") or die(mysql_error());

As your steamid field in your DB is a string (it seems to be, as possible values are STEAM_0:0:123123123 and STEAM_0:1:123123123), you must use quotes arround the value :
mysql_query("UPDATE $tbl_name SET `cash` = $newcash WHERE `steamid` = '$mysteamid'");
Using mysql_real_escape_string() is necessary, as it escapes quotes inside the variable you pass it as a parameter -- but you still have to put quotes arround the string, in your SQL queries.

In the first query you surrounded your $mysteamid value with simple quotes, and in the second query you didn't. If the steamid is a string type, you need to surround the value with quotes, like
"UPDATE $tbl_name SET `cash` = $newcash WHERE `steamid` =' $mysteamid'"