update sql error
Posted: Thu Jan 13, 2011 3:39 pm
I have a form that selects all the blogs a user has posted from the db, echos them onto the page with a radio button next to each one, then the user selects which one they want to edit and clicks submit. The next page has 3 text boxes that are populated with the current blog info from the db they are title, blurb, and blog. the user makes the edits they want and then hits submit and it updates the db with the new content from those boxes. My problem is I keep getting sytax errors, here is the code for the update page...
now let's say the original title that populates into the title box is "Womans World Longboard Championships" - without the quotes, I change it to say "Mens World Longboard Championships" - again without the quotes, and click submit. I keep getting this error... title UPDATE error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'World Longboard Championships WHERE blogID=12' at line 1 ... it's cuttong off the "Mens" part of the title and giving me that error, I don't see what the problem is, could anyone please help me out here, it makes no sense to me, the code looks like it should work. Guess I should mention that $num is passed from page to page as the blogID number based on whichever radio box they check. Thank you for the help in advance.
Code: Select all
<?php
$title = $_POST['title'];
$blurb = $_POST['blurb'];
$blog = $_POST['blog'];
$num = $_POST['number'];
$safetitle = str_replace("'", "~", $title);
$safeblurb = str_replace("'", "~", $blurb);
$safeblog = str_replace("'", "~", $blog);
$con = mysql_connect("login into here obviously.");
if(!$con) {
die("Could not Connect: " .mysql_error());
}
@mysql_select_db("blog_db") or die("Unable to select database " .mysql_error());
$result = mysql_query("UPDATE blogs SET title=$safetitle WHERE blogID=$num") or die("title UPDATE error: " . mysql_error());
$result2 = mysql_query("UPDATE blogs SET blurb=$safeblurb WHERE blogID=$num") or die("Blurb UPDATE error: " . mysql_error());
$result3 = mysql_query("UPDATE blogs SET content=$safeblog WHERE blogID=$num") or die("Content UPDATE error: " . mysql_error());
?>
<html>
<body>
<?
$newquery = mysql_query("SELECT * FROM blogs WHERE blogID = '$num'") or die("Could not re-SELECT stuff: " .mysql_error());
while($row = mysql_fetch_array($newquery)) {
$newtitle = $row['title'];
$newblurb = $row['blurb'];
$newblog = $row['content'];
}
$snewtitle = str_replace("~", "'", $newtitle);
$snewblurb = str_replace("~", "'", $newblurb);
$snewblog = str_replace("~", "'", $newblog);
?>
<p align="center">Your blog has been updated.<br /> The new title is: <?php echo $snewtitle ?><br />Your new blurb is: <?php echo $snewblurb ?><br />And your new blog is: <?php echo $snewblog ?></p>
<a href="test-edit.php">Click</a> to edit another blog   |   <a href="/">Click</a> to go back to your home page.
</body>
</html>