MySQL syntax error in SELECT query - php

My code:
$fileid = $_GET['imgid'];
$fileid = (int)$fileid; //id is int type in photos table
require 'database.php';
//get the image source name
$q = "SELECT src form photos WHERE id='$fileid'";
$result = $mysqli->query($q) or die(mysqli_error($mysqli));
if ($result)
{
    $row = $result->fetch_object();
    $filename = $row->src;
}
ERROR: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'photos WHERE id='12'' at line 1

You have FROM misspelled. Try:
$q = "SELECT src FROM photos WHERE id='$fileid'";
In addition, while not related to this syntax error, note that your code appears to be vulnerable to SQL Injection.

Related

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '? WHERE id=20

How can I fix the error in my SQL syntax? The error is like this:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'where id= 20' at line 11
This is the code :
<?php
ob_start();
require_once('dbConfig.php');
if(isset($_GET['id'])){
$id = $_GET['id'];
$sql = "select * from usersreg where id=".$id;
$result = mysqli_query($conn, $sql);
if(mysqli_num_rows($result) > 0){
$row = mysqli_fetch_assoc($result);
}else{
$errorMsg = 'Could not select a record';
}
}
Line 11 is at : $result = mysqli_query($conn, $sql);
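
Both lookups above take a numeric id from the query string: the first casts it with (int), the second concatenates it into the SQL unchecked. The following is an added example (not code from either post) of a strict integer check to run before the query; idFromQuery() is a hypothetical helper and the sample inputs are constructed.

```php
<?php
declare(strict_types=1);

// Hypothetical helper: return a positive integer id from a query array,
// or null when the value is missing, not a string, or not a clean integer.
function idFromQuery(array $query, string $key): ?int
{
    $raw = $query[$key] ?? null;
    if (!is_string($raw)) {
        return null;            // missing key, or array input such as ?imgid[]=12
    }
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

// Constructed inputs standing in for $_GET. The "cast" column shows what a
// bare (int) cast would send to the database for the same value.
$samples = [
    ['imgid' => '12'],
    ['imgid' => '12abc'],
    ['imgid' => '-5'],
    ['imgid' => ''],
    ['imgid' => ['12']],
    [],
];

foreach ($samples as $query) {
    $raw  = $query['imgid'] ?? null;
    $cast = is_string($raw) ? (string)(int)$raw : 'n/a';
    $id   = idFromQuery($query, 'imgid');
    printf("%-24s cast=%-4s strict=%s\n",
        json_encode($query), $cast, var_export($id, true));
    if ($id === null) {
        continue;               // a real handler would answer with HTTP 400 here
    }
    // $id is now safe to bind as an "i" parameter in a prepared statement.
}
```

The cast never lets SQL text through, but it silently turns malformed input into some integer; the strict check rejects it so the request can fail early.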

SQL syntax which sending me an Error

I have a MySQL database named user. Here is a picture:
I want to change the username of the user "dodlo.rg" programmatically.
Actually, I have PHP version 7.1. And this is a part of my PHP code:
EDITED CODE:
$newName= $_POST["changeT"];
$userId = $_POST["userId"];
$db = mysqli_connect("trolö", "trolö", "trolö123", "trolö");
$sql = "UPDATE user SET username = '$newName' WHERE user_id = '$userId'";
$query = mysqli_query($db, $sql);
$response["successU"] = true;
But I get the Error: "You gave an Error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'SELECT * FROM user' at line 1"
Thanks in advance.
The problem lies in 2 parts.
Firstly, since this column is a varchar field, it needs to be inside quotes, else it produces an SQL error.
Secondly, the SELECT statement just after is not valid, but I guess it was a copy/paste error.
Therefore your working code should be:
$newName= $_POST["changeT"];
$db = mysqli_connect("trolö", "trolö", "trolö123", "trolö");
$sql = "UPDATE user SET username = '".addslashes($newName)."' WHERE username = 'dodlo.rg'";
$query = mysqli_query($db, $sql);
$response["successU"] = true;
Also, please consider using your primary keys in your where statement rather than a varchar field, as it'll improve speed with more complex queries (e.g. where user_id = 35 instead of where username = 'dodlo.rg').
Lastly, but quite importantly, this code might be vulnerable to SQL injections. You need to use prepared statements.
You have to convert this query into two parts
$sql1 = "UPDATE user SET username = $newName WHERE username = 'dodlo.rg'";
$sql2 = "SELECT * FROM user";
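
The prepared-statement form recommended above, written against the user table from the question, as an added example that is not the poster's or either answerer's code. Connection values are placeholders, renameUser() is a hypothetical helper, and the 64-character limit is an assumed column width.

```php
<?php
declare(strict_types=1);

// Make mysqli throw mysqli_sql_exception instead of returning false.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

// Hypothetical helper: rename one user, addressed by primary key.
function renameUser(mysqli $db, int $userId, string $newName): bool
{
    $newName = trim($newName);
    if ($newName === '' || strlen($newName) > 64) {   // assumed column width
        throw new InvalidArgumentException('invalid username');
    }
    // Both values travel as bound parameters, never as SQL text.
    $stmt = $db->prepare('UPDATE `user` SET `username` = ? WHERE `user_id` = ?');
    $stmt->bind_param('si', $newName, $userId);
    $stmt->execute();
    // 0 rows: unknown user_id, or the name was already set to this value.
    $changed = $stmt->affected_rows === 1;
    $stmt->close();
    return $changed;
}

$response = ['successU' => false];
try {
    $userId = filter_var($_POST['userId'] ?? null, FILTER_VALIDATE_INT);
    $newName = $_POST['changeT'] ?? null;
    if ($userId === false || !is_string($newName)) {
        throw new InvalidArgumentException('missing or malformed input');
    }
    // Placeholder connection values, to be replaced with real settings.
    $db = new mysqli('DB_HOST', 'DB_USER', 'DB_PASSWORD', 'DB_NAME');
    $db->set_charset('utf8mb4');
    $response['successU'] = renameUser($db, $userId, $newName);
} catch (InvalidArgumentException | mysqli_sql_exception $e) {
    error_log($e->getMessage());   // details go to the log, not the client
}
echo json_encode($response);
```

Unlike the original snippet, successU is set from the outcome of the statement instead of unconditionally.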

You have an error in your SQL syntax- PHP

I am trying to update my table row but can't get it to succeed.
Here is the error that is coming:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Current_date = '2017-03-30', Content = 'This is first notification te' at line 2
Here is my code:
if(!empty($_FILES) || isset($_FILES['Details_file'])){
$filetmp = $_FILES["Details_file"]["tmp_name"];
$filename = $_FILES["Details_file"]["name"];
$filetype = $_FILES["Details_file"]["type"];
$filepath = "notification/".$filename;
move_uploaded_file($filetmp, $filepath);
echo $_POST['post_date'];
$stmt = $con1->prepare("UPDATE notification SET
Current_date = '".$_POST['post_date']."',
Content = '".$_POST['Content']."',
File_name= '".$filename."',
File_path ='".$filepath."',
Apply_link = '".$_POST['apply_now']."',
Last_date = '".$_POST['Last_date']."'
WHERE id = '".$_POST['fetch_id']."'") or die(mysqli_error($con1));
$stmt->execute();
$stmt->close();
}
Can anyone tell me what the problem is with my code here?
There is no point in prepare() and execute() if you aren't using them properly. Try this instead:
$query = "UPDATE notification SET `Current_date`=?, `Content`=?, `File_name`=?, `File_path`=?, `Apply_link`=?, `Last_date`=? WHERE `id`=?";
$stmt = $con1->prepare($query);
$stmt->bind_param("ssssssi", $_POST['post_date'], $_POST['Content'], $filename, $filepath, $_POST['apply_now'], $_POST['Last_date'], $_POST['fetch_id']);
$stmt->execute();
$stmt->close();
You'll want to check the return values of each step (prepare, bind, execute) to ensure there are no errors being returned.
Current_date is a reserved keyword in MySQL, so in order to use it as a name of the column, you would need to enclose it in backticks.

Storing rand() output to mysql database ERROR

I wanted to store the output of rand() function into my database, I have been getting the error!
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'unique) VALUES('964350')' at line 1
This is my code
<?php
require_once('connect.php');
$unique = rand(100000, 999999);
$uni = "INSERT INTO registrations (unique) VALUES('$unique')";
$result = @mysql_query($uni);
if($result) {
$sucmsg_arr[] = 'Registration Successful!';
}
?>
'unique' is a keyword like 'select' or 'delete'.
Try it with INSERT INTO registrations (`unique`) VALUES('$unique')

SQL Syntax Error select * from

My code is throwing this error:
Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '-contact-info' at line 1
my code:
<?php
//connect
$connection = mysqli_connect("myh","myu","myp","mydb") or die("Error " . mysqli_error($connection));
//consultation:
$query = "SELECT * FROM web-contact-info";
//execute the query.
$result = mysqli_query($connection, $query);
if (!$result) {
printf("Error: %s\n", mysqli_error($connection));
exit();
}
//display information:
while($row = mysqli_fetch_array($result)) {
echo $row["live_name"] . "<br>";
}
?>
I've tried to put quotes around web-contact-info and get a slightly different error:
Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''web-contact-info'' at line 1
What am I writing wrong?
You can try this:
SELECT * FROM `web-contact-info`
As mysql_* is deprecated consider switching to mysqli or PDO.
Try and use the name of the table within simple quotes like this
$query = "SELECT * FROM `web-contact-info`";
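
The backtick fixes for `unique` and `web-contact-info` above cover fixed names; when a table or column name is chosen at run time it cannot be bound as a ? parameter, so it has to be checked and quoted before it enters the SQL text. An added example of that check (not code from any of the posts); quoteIdentifier(), buildSelectAll() and buildInsert() are hypothetical helpers and the allow-list is constructed from names that appear on this page.

```php
<?php
declare(strict_types=1);

// Constructed allow-list: the only identifiers this code will ever emit.
const ALLOWED_IDENTIFIERS = ['web-contact-info', 'registrations', 'unique', 'live_name'];

// Hypothetical helper: allow-list check first, then MySQL backtick quoting.
function quoteIdentifier(string $name): string
{
    if (!in_array($name, ALLOWED_IDENTIFIERS, true)) {
        throw new InvalidArgumentException("identifier not allowed: $name");
    }
    // Inside a quoted identifier MySQL escapes a backtick by doubling it.
    return '`' . str_replace('`', '``', $name) . '`';
}

function buildSelectAll(string $table): string
{
    return 'SELECT * FROM ' . quoteIdentifier($table);
}

// Values stay as ? placeholders; only the identifiers are written into the text.
function buildInsert(string $table, array $columns): string
{
    $cols  = implode(', ', array_map('quoteIdentifier', $columns));
    $marks = implode(', ', array_fill(0, count($columns), '?'));
    return 'INSERT INTO ' . quoteIdentifier($table) . " ($cols) VALUES ($marks)";
}

echo buildSelectAll('web-contact-info'), "\n";
echo buildInsert('registrations', ['unique']), "\n";

try {
    // Constructed name that is not on the allow-list.
    echo buildSelectAll('orders'), "\n";
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}
```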
