MySQL UPDATE Query Syntax Error?
Solution 1
You haven't put quotes around any of your string literals.
UPDATE `users` SET
`about_me`=about_me,
`profile_pic`=,
`econ_views`=test econ,
`religious_views`=test rel,
`abortion_view`=test abortion,
`gay_marriage`=test gay marraige,
`other`=test other,
`political_party`=democrat
WHERE `username`=emoore24
Should be:
UPDATE `users` SET
`about_me`='about_me',
`profile_pic`=NULL,
`econ_views`='test econ',
`religious_views`='test rel',
`abortion_view`='test abortion',
`gay_marriage`='test gay marraige',
`other`='test other',
`political_party`='democrat'
WHERE `username`='emoore24'
If you use PDO with prepared statements, it would be a lot simpler and safer, and you won't have to worry about quoting or escaping literals. For example, here's how I might write that code:
$info = array(
'about_me' => NULL,
'profile_pic' => NULL,
'political_party' => NULL,
'econ_views' => NULL,
'religious_views' => NULL,
'abortion_view' => NULL,
'gay_marriage' => NULL,
'other' => NULL
);
$query = "UPDATE `users` SET
`about_me`=:about_me,
`profile_pic`=:profile_pic,
`econ_views`=:econ_views,
`religious_views`=:religious_views,
`abortion_view`=:abortion_view,
`gay_marriage`=:gay_marriage,
`other`=:other,
`political_party`=:political_party
WHERE `username`=:username";
if (($stmt = $pdo->prepare($query)) == FALSE) {
$err = $pdo->errorInfo(); die($err[2]);
}
$values = array_intersect_key($_POST, $info);
$values['username'] = 'emoore24';
if ($stmt->execute( $values ) == FALSE) {
$err = $stmt->errorInfo(); die($err[2]);
}
Solution 2
You need to quote the text in your query
UPDATE `users` SET `about_me`='about_me'
And do the same for the other fields.
Solution 3
Your query is wrong. You need to put quotes around all values :
Change your query like this:
$query = "UPDATE `users` SET `about_me`='about_me', `profile_pic`='$profile_pic', `econ_views`='$econ_views',`religious_views`='$religious_views',`abortion_view`='$abortion_view',`gay_marriage`='$gay_marraige', `other`='$other', `political_party`='$political_party' WHERE `username`='emoore24'";
Hope this works :)
emoore
Updated on June 04, 2022Comments
-
emoore almost 2 years
I am relatively new to MySQL and PHP and I have been trying to UPDATE a table for a very long time now, I've searched Google and SO and I still can't figure it out.
Here is the php:
$info = array('about_me' => NULL, 'profile_pic' => NULL, 'political_party' => NULL, 'econ_views' => NULL, 'religious_views' => NULL, 'abortion_view' =>NULL,'gay_marraige' => NULL, 'other' => NULL); foreach ($_POST as $key => $value) { $info[$key] = mysql_escape_string($value); } $about_me = $info['about_me']; $profile_pic = $info['profile_pic']; $econ_views = $info['econ_views']; $religious_views = $info['religious_views']; $abortion_view = $info['abortion_view']; $gay_marraige = $info['gay_marraige']; $other = $info['other']; $political_party = $info['political_party']; //Connect to database require 'db.php'; $query = "UPDATE `users` SET `about_me`=$about_me, `profile_pic`=$profile_pic, `econ_views`=$econ_views, `religious_views`=$religious_views,`abortion_view`=$abortion_view,`gay_marriage`=$gay_marraige, `other`=$other, `political_party`=$political_party WHERE `username`=emoore24"; echo "$query"."<br /><br />"; $result = mysql_query($query) or die(mysql_error()); echo "success"
This is run on a form with many text areas and one select element. I ran everything with simple strings as data and got this:
UPDATE
users
SETabout_me
=test about,profile_pic
=,econ_views
=test econ,religious_views
=test rel,abortion_view
=test abortion,gay_marriage
=test gay marraige,other
=test other,political_party
=democrat WHEREusername
=emoore24You have an error in your SQL syntax; check the manual that corresponds to your MySQL >server version for the right syntax to use near '
econ_views
=test econ, >religious_views
=test rel,abortion_view
=test abor' at line 1I'm assuming that it's something small, but I can't see it. Could anyone help?
-
emoore over 12 yearsSorry noob question here, but are you saying I need quotes around all of my variables within the $query string? If so, should they be double quotes? thanks for the quick response
-
emoore over 12 yearsAh, nvm I see... Thanks a lot!
-
Bill Karwin over 12 years@emoore: Use single-quotes for string literals in SQL. See my answer to Do different databases use different name quote
-
Bill Karwin over 12 years@emoore: Also you should fix the misspelling "gay_marraige" your $info array.