You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'repeat = 'week', location = 'Patowmack Farm', location_link = 'http://maps.googl' at line 1
I keep getting this message for both my update script (show above), and my insert script. I cannot find why it's doing this! Anyone available to help?
My update code:
foreach($_POST['enabled'] as $key => $value ) {
$key = mysql_real_escape_string($key);
if ($_POST['delete'][$key]=='1') {
mysql_query("DELETE FROM upcoming WHERE id='$key'") or die(mysql_error());
}
else {
$title = mysql_real_escape_string($_POST['title'][$key]);
$date = mysql_real_escape_string(($_POST['date'][$key]));
$repeat = mysql_real_escape_string($_POST['repeat'][$key]);
$group = mysql_real_escape_string($_POST['group'][$key]);
$group_link = mysql_real_escape_string($_POST['group_link'][$key]);
$location = mysql_real_escape_string($_POST['location'][$key]);
$location_link = mysql_real_escape_string($_POST['location_link'][$key]);
$notes = mysql_real_escape_string($_POST['notes'][$key]);
$enabled = mysql_real_escape_string($_POST['enabled'][$key]);
mysql_query("UPDATE upcoming SET title = '$title', date = '$date', repeat = '$repeat', location = '$location', location_link = '$location_link', group = '$group', group_link = '$group_link', notes = '$notes', enabled = '$enabled' WHERE id = '$key' LIMIT 1") or die(mysql_error());
}
}
Have you tried changing the query to:
mysql_query("UPDATE `upcoming` SET `title` = '$title', `date` = '$date', `repeat` = '$repeat', `location` = '$location', `location_link` = '$location_link', `group` = '$group', `group_link` = '$group_link', `notes` = '$notes', `enabled` = '$enabled' WHERE `id` = '$key' LIMIT 1") or die(mysql_error());
Edit: And as others have stated; you are using reserved words. I recommend always using the ` symbol. (This can be found at the top left for most keyboards: under the escape key, above the tab key, to the left of the number 1 key.)
GROUP and REPEAT are reserved keywords in MySQL so you have to "escape" it with backticks:
`group` = '$group'
`repeat` = '...'
Also I'm making an assumption here, but you shouldn't wrap $key in quotes because it is an integer value. Also make sure you type cast it to an int by doing int($key).
repeat is a keyword in MySQL use back ticks repeat to use this.
Repeat is a mySQL reserved word: http://dev.mysql.com/doc/refman/5.5/en/reserved-words.html
Try surrounding your column names with backticks.
Related
I am trying to do an update query in php to update my database but the query is not working. It is probably something simple.
$query = "UPDATE Events
SET charity_name = '$charity_name' ,
charity_reg = $charity_reg ,
Event_Name = '$event_tit',
Event_Status_Code = '$event_stat',
Start_Date = $event_dat,
Hours = $event_hour,
location = '$event_loc',
Other_Details = $event_content,
event_image = $imageData,
image_name = '$imageName',
max_available_spaces = $event_spaces,
Event_type = '$eve_category',
event_cost = $event_cost,
event_organiser = '$event_organiser'
WHERE Event_ID = $the_event_id";
You are not putting quotes ('') around some values, that might be a problem unless all thoses values are boolean/ints. Make sure to put quotes around all values, like '$imageData' instead of $imageData Also watch out for sql injections when you are directly inputting the values in your query. Better to use prepared statements
$query = "UPDATE Events
SET charity_name = '$charity_name' ,
charity_reg = '$charity_reg' ,
Event_Name = '$event_tit',
Event_Status_Code = '$event_stat',
Start_Date = '$event_dat',
Hours = '$event_hour',
location = '$event_loc',
Other_Details = '$event_content',
event_image = '$imageData',
image_name = '$imageName',
max_available_spaces = '$event_spaces',
Event_type = '$eve_category',
event_cost = '$event_cost',
event_organiser = '$event_organiser'
WHERE Event_ID = $the_event_id;";
EDIT: as #dWinder mentioned: if $the_event_id is not an integer, make sure to also put quotes around that value.
I have the following code:
if(isset($_POST['regKitsForm'])){
$kitsiteID = $_POST['kitsiteID'];
$sql = "SELECT patientID FROM patient WHERE patientNum=".$_POST['kitpatientID'];
$connect->execute($sql);
$get = $connect->fetch();
$kitpatientID = $get[0];
if(is_numeric($_POST['kitNum1'])) {
$kitNum1 = str_pad($_POST['kitNum1'], 5, '0', STR_PAD_LEFT);
$kitForm = $_POST['kitForm'];
$sql = "UPDATE form$kitForm SET v0".$kitForm."_dd_kitNum1=$kitNum1 WHERE patientID = $kitpatientID AND siteID = $kitsiteID";
This should be inputing e.g.: 00001 from $kitNum1, but it isn't... it's just inputing 1.
Please help
M
Make sure, that your database column is of a string type like varchar(5) and not of an integer type. In addition, put quotes around the value in your query so that it isn't interpreted as a number, but as a string instead:
$sql = "UPDATE form$kitForm SET v0".$kitForm."_dd_kitNum1='$kitNum1' WHERE patientID = $kitpatientID AND siteID = $kitsiteID";
I am facing a problem in making a program with mysql and php...
See i want to save my search queries into the database,,
See this example
Stackoverflow searched = > 20 times on date = > 2013-04-26
Stackoverflow searched = > 10 times on date = > 2013-04-27
Stackoverflow searched = > 50 times on date = > 2013-04-28
Formatting does not matter..Actually i want to save my search queries if the date is changed..
If date got matched so should update times + 1
See this code,,
<?php
$keyword = null;
$date = null;
if (!empty($_GET['s'])) {
$keyword = stripslashes($_GET['s']);
$date = date("Y-m-d");
try {
$objDb = new PDO('mysql:dbname=search;charset=UTF-8', 'root', '');
$check = "SELECT *
FROM `search1`
WHERE `keyword` = '$keyword%'
AND `date` = CURDATE() ";
if (!empty($check))
{
$sql ="UPDATE `search1`
SET `times` = `times` + 1
WHERE `keyword` = '$keyword%'
AND `date` = CURDATE()";
}
else
{
$sql = "INSERT INTO `search1` (`keyword`, `date`) VALUES (:keyword, :date)";
$statement = $objDb->prepare($sql);
$statement->execute(array(':keyword' => $keyword, ':date' => $date));
}
} catch(PDOException $e) {
echo $e->getMessage();
}
}
?>
It is not working.. Something is wrong.. Someone can tell me what is wrong.
I can not use primary key.
you can set a unique index on the field date and keyword
ALTER TABLE `search1` ADD UNIQUE (
`keyword` ,
`date`
);
edit: looks like the OP has got it now, but just for completeness, the above query you just run once to add a unique index to the table - note that it won't work if you have rows that have the same values for keyword and date; if you get a 'duplicate value' error you will have to remove rows until the values are unique before trying again.
then the query
INSERT INTO `search1` (`keyword`, `date`, `times`) VALUES (:keyword, :date, 1) ON DUPLICATE KEY UPDATE `times` = `times` + 1
should do the trick :)
$sql = "UPDATE `shows` SET `title` = '$title', `tagline` = '$tagline', `desc` = '$desc' , `img_src = '$imgsrc' WHERE id = $showid";
The query above does not want to work, I simply get a mysql_error saying error at '' on line 1;
Any idea where I am going wrong?
You're missing a tick:
`img_src = '$imgsrc' WHERE id = $showid";
should be:
`img_src` = '$imgsrc' WHERE id = $showid";
I've got a message while i'm run following sql query...
"You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'group = 'dfdfd' WHERE id = '39'' at line 1"
Sql query:
$sql_update = mysql_query("UPDATE addcontacts SET surename = '$surname_g', group =
'$g_g' WHERE id = '$id'");
Please use ` to enclose group, it is being treated as special (group by keyword of SQL) by mysql
Use the following:
UPDATE addcontacts SET surename = '$surname_g', `group` = '$g_g' WHERE id = '$id'
Note `group` and not group
Try:
$sql_update = mysql_query("UPDATE addcontacts SET surename = '".$surname_g."', `group` = '".$g_g."' WHERE id = '".$id."'");
Your id might be an integer and you are enclosing it with two single quotes (') and that would really produce the error.
$sql_update = mysql_query("UPDATE addcontacts SET surename = '{$surname_g}', group =
'{$g_g}' WHERE id = {$id}");
Thank you :)