I am have some problem in updating my qotwVote1a table's Vote1a field through PHP. Could you please have a look at the code, and tell me what am i doing wrong in here.
$result = mysql_query("SELECT * FROM qotwVote1a WHERE QuestionId='".$questionId."' AND MemberId='".$id."'");
while($row = mysql_fetch_array($result))
{
$originalVote=$row['Vote1a'];
$newVote=$originalVote + $vote;
//echo ($newVote);
}
$sql = <<<END
UPDATE qotwVote1a
SET Vote1a = '$newVote',
WHERE QuestionId = '$questionId' AND MemberId = '$id'
END;
mysql_query($sql);
if (mysql_error()) {
die("Error executing query '$sql': " . mysql_error());
}
Using this code I got an error:
"Error executing query 'UPDATE qotwVote1a SET Vote1a = '2', WHERE QuestionId = '57' AND MemberId = 'zee'': You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE QuestionId = '57' AND MemberId = 'zee'' at line 3"
Regards
Zeeshan
You have a comma after $newVote. Remove it, and you'll be peachy-keen.
Also, you don't need to wrap numbers in quotation marks, and don't do it if your column is an integer or float type. Doing so just causes those to get converted to numbers, anyway, so it's not a big deal.
UPDATE qotwVote1a
SET Vote1a = '$newVote'
WHERE QuestionId = '$questionId' AND MemberId = '$id'
There’s a comma in you MySQL query after the SET clause that’s misplaced. So try this:
$sql = <<<END
UPDATE qotwVote1a
SET Vote1a = '$newVote'
WHERE QuestionId = '$questionId' AND MemberId = '$id'
END;
It's looks like you are missing some code as the query supplied is not the query giving the error. The problem in the query is an extra comma after the "Vote1a = '2'" statement though.
Related
For some reason $query3 and $query4 will throw out this error
Couldn't enter data: You have an error in your SQL syntax; check the
manual that corresponds to your MariaDB server version for the right
syntax to use near 'WHERE job_id = '35' at line 1
I cannot see why it is doing this the query syntax seems fine.
Table structure:
https://imgur.com/a/ioOKZ
Actionpage7:
session_start();
require 'config.php';
$id = $_SESSION['login_user'];
$bidid = $_POST['bid_id'];
$jobid = $_POST['job_id'];
$bidder_id = $_POST['bidder_id'];
$bid_amount = $_POST['bid_amount'];
$query = " UPDATE bid SET status = '1' WHERE bid_id = '$bidid'";
$success = $conn->query($query);
$query2 = " UPDATE job SET accepted = '1' WHERE job_id = '$jobid'";
$success = $conn->query($query2);
$query3 = "INSERT into job (accepted_bidder) VALUES('" . $bidder_id . "') WHERE job_id = '$jobid'";
$success = $conn->query($query3);
$query4 = "INSERT into job (accepted_bid) VALUES('" . $bid_amount . "') WHERE job_id = '$jobid'";
$success = $conn->query($query4);
if(!$success) {
die("Couldn't enter data: " . $conn->error);
}
echo "Thank You For Contacting Us <br>";
header("location: myjobs.php");
$conn->close();
You can do it in one query:
UPDATE job SET
accepted = '1',
accepted_bidder = 'value',
accepted_bid = 'value'
WHERE job_id = '$jobid'
As stated in comments - your code is vulnerable to SQL injections. Refer to this topic to know more.
You have two types of queries here.
Query 1 and 2 are updates
$query = " UPDATE bid SET status = '1' WHERE bid_id = '$bidid'";
$query2 = " UPDATE job SET accepted = '1' WHERE job_id = '$jobid'";
They say UPDATE table and SET column = value WHERE condition is true. As the name implies this updates existing rows. The condition is used to limit the rows that the update is applied to. Without it every bid would have its status set to 1 and every job would be accepted. Which is probably not good.
Query 3 and 4 are inserts
$query3 = "INSERT into job (accepted_bidder) VALUES('" . $bidder_id . "') WHERE job_id = '$jobid'";
$query4 = "INSERT into job (accepted_bid) VALUES('" . $bid_amount . "') WHERE job_id = '$jobid'";
They say INSERT into table using (columns...) having VALUES(values...) WHERE condition. Again the name says it all, INSERT inserts new rows into the table. Now the question is what is the WHERE clause supposed to do?
Are you trying to limit the inserted rows to only those that match your condition? Well you are the one saying what rows to insert so you don't really need to do that. Are you trying to set values on the rows to be inserted? Well you can do that by adding more columns to the column list and their respective values to the value list. So it turns out there isn't really much point to a WHERE clause on an INSERT statement like that and in fact it's not allowed. That's what the error is trying to tell you.
As the other answer says you probably want to update an existing job and not insert a new one anyways.
Hi i have a reads counter, but i always get an MySQL error:
MySQL Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''reads') VALUES ('2') WHERE id = '20'' at line 1
$reads = $row['reads']+1;
$newsid = $row['id'];
if(!$query = $db->query("UPDATE cmsss_news_articles SET reads = '$reads' WHERE id = '$newsid'")) {
echo "<center><b>Error, cant update row</b></center>";
}
Can you please help me where is the mistake?
reads is a reserved word in MySQL. Escape it with backticks.
UPDATE cmsss_news_articles
SET `reads` = '$reads'
...
Reads is a reverse key word in MySQL, hence put that in backquotes.
try this:
if(!$query = $db->query("UPDATE cmsss_news_articles SET `reads` = '$reads' WHERE id = '$newsid'")) { ^^
echo "<center><b>Error, cant update row</b></center>";
}
You can also loose the increment variable to gain some performance and simplicity.
$newsid = $row['id'];
if(!$query = $db->query("UPDATE cmsss_news_articles SET `reads` = `reads` + 1 WHERE id = '$newsid'")) {
echo "<center><b>Error, cant update row</b></center>";
}
So I am trying to update my table based on a singe parameter:
The dateEntered field must be blank.
And I want to randomly select 50 rows, and update the blank ownerID fields to "Tester"
Here is what I have:
<?php
include("includes/constants.php");
include("includes/opendb.php");
$query = "SELECT * FROM contacts WHERE dateEntered='' ORDER BY RAND() LIMIT 50";
$result = mysql_query($query) or die(mysql_error());
while($row = mysql_fetch_assoc($result)){
$firstid = $row['id'];
$query2 = mysql_query("UPDATE contacts
SET ownerID = 'Tester'
WHERE id = '$firstid'");
$result2 = mysql_query($query2) or die(mysql_error());
}
?>
It will update a single record, then quit and give me:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '1' at line 1
The first part that selects the records works fine, its query2 that won't update all 50 records, just one. Maybe I am writing this wrong.
mysql_query needs only one time
$query2 = mysql_query("UPDATE contacts
SET ownerID = 'Tester'
WHERE id = '$firstid'");
$result2 = mysql_query($query2) or die(mysql_error());
to
$result2 = mysql_query("UPDATE contacts
SET ownerID = 'Tester'
WHERE id = '$firstid'");
These answers are spot on, so I will only add some additional information, and a suggestion. When you are querying mysql the first time, $query1 is being set to the result resource, which for
$query1 = mysql_query("UPDATE contacts SET ownerID = 'Tester' WHERE id = '$firstid'");
returns a result of 1 (Boolean TRUE), which is why your second query failed, cause "1" isn't a valid mysql query string. As Greg P stated, you can fix your current script by eliminating the secondary mysql query.
However, you could improve the script entirely, and make fewer sql calls, by using this.
<?php
include("includes/constants.php");
include("includes/opendb.php");
$query = "UPDATE contacts SET owenerID='Tester' WHERE dateEntered='' ORDER BY RAND() LIMIT 50";
$result = mysql_query($query) or die(mysql_error());
I need to copy the value in a column named TEAM from one row into another row. Both rows need to have the same team name. This is my query that doesn't work:
$query = "UPDATE profiles SET team = (SELECT team FROM profiles WHERE id = '$coach_id') WHERE id = '$player_id'";
I have tried removing single quotes, removing "FROM profiles", changing value to table.value, tried to give a newdata.clan alias, and I have even tried changing the values to integers instead of parameters. Nothing works, and this is what I get:
Error: You have an error in your SQL
syntax; check the manual that
corresponds to your MySQL server
version for the right syntax to use
near 'WHERE id = '') WHERE id = ''' at
line 3
$query1 = "SELECT team FROM profiles WHERE id = '$coach_id'";
/* get the value of the first query and assign it to a variable like $team_name */
$query2 = "UPDATE profiles SET team = '$team_name' WHERE id = '$player_id'";
Also, you should surround your PHP variables in curly braces:
$query = "UPDATE profiles SET team = \"(SELECT team FROM profiles WHERE id = '{$coach_id}')\" WHERE id = '{$player_id}'";
From the MySQL manual:
"Currently, you cannot update a table
and select from the same table in a
subquery."
Source: http://dev.mysql.com/doc/refman/5.0/en/update.html
Use the method that FinalForm wrote:
<?
$coach_id = 2;
$player_id = 1;
$query1 = "SELECT team FROM profiles WHERE id = '$coach_id'";
$rs = mysql_query($query1);
if ($row = mysql_fetch_array($rs)) {
$team_name = $row['team'];
$query2 = "UPDATE profiles SET team = '$team_name' WHERE id = '$player_id'";
mysql_query($query2);
// Done, updated if there is an id = 1
} else {
// No id with id = 2
}
?>
I am trying to write a MySQL query (in PHP) that will update a set of fieldnames contained within an (imploded) array with a set of values contained within another (imploded) array.
What I have right now is this:
$edit= mysql_query ("UPDATE tablename SET `".$EXPfields."` = '".$EXPvalues."'
WHERE ID = '$ID'");
But for $EXPfields = EXP1, ?EXP2?, ?EXP3
and $EXPvalues = Communications', 'Electronics', 'Engineering
(both imploded arrays, ? is actually a backtick: `)
I get the following error message:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ' ?EXP2?, ?EXP3? = 'Communications', 'Electronics', 'Engineering' ' at line 2
(again, ? is actually a backtick `)
I've been playing around with this for ages, but I can't see where I have gone wrong, help pls! Thanks!
Update queries have the following syntax:
UPDATE table
SET column = expression
WHERE predicates;
You could loop through the array of fields and create a new array containing both column names and values. For example:
$update_sql = '';
for($i = 0; $i < count($EXPfields); ++i)
{
$update_sql = "`" . $EXPfields[$i] . "` = '" . $EXPvalues[$i] . "', ";
}
$update_sql = substr($update_sql, 0, -2);
$edit = mysql_query("
UPDATE
tablename
SET
" . $update_sql . "
WHERE
ID = '$ID'");
UPDATE table
SET
field1 = expression1,
field2 = expression2,
field3 = expression3
WHERE ...
You need to do comma separated field=value pairs. eg:
$query = UPDATE ?tablename? SET ?field1?='value1', ?field2?='value2' WHERE (?field3?='value3')