sytax error on sql

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
franknu
Forum Contributor
Posts: 146
Joined: Sun May 28, 2006 9:29 am

sytax error on sql

Post by franknu »

i want to update my database using a password and username

but i am getting a sytax error i just dont see the problem can any one help please here is the code

Code: Select all

<?
         
 $host = "localhost";
$username = "localhost";
$password = "abc123";
$database = "contacts";

$db = mysql_connect($host, $username, $password);
mysql_select_db($database);

 $BusinessName = (isset($_POST['BusinessName']));
 $Slogan = addslashes(isset($_POST['Slogan']));
 $Business_Address = addslashes (isset($_POST['Business_Address']));
 $Tel = addslashes(isset($_POST['Tel']));
 $Website = addslashes(isset($_POST['Website']));
 $Email = addslashes(isset($_POST['Email']));
 $Member_Status = addslashes(isset($_POST['Member_Status']));
 $Fax =addslashes(isset($_POST['Fax']));
 $type = addslashes(isset($_POST['type']));
 $make = addslashes(isset($_POST['make']));
 $Categories = addslashes(isset($_POST['Categories']));
 $Keyword = addslashes (isset($_POST['Keyword']));
 $Picture1 = addslashes (isset($_POST['Picture1']));
 $Headline = addslashes (isset($_POST['Headline']));
 $Slogan2 = addslashes (isset($_POST['Slogan2']));
 $Description1 = addslashes (isset($_POST['Description1']));
 $Description2 = addslashes (isset($_POST['Description2']));
 $Description3= addslashes (isset($_POST['Description3']));
 $Contact2 = addslashes (isset($_POST['Contact2']));
 $Picture2 = addslashes (isset($_POST['Picture2']));
 $Picture3 = addslashes (isset($_POST['Picture3']));
 $Picture4 = addslashes (isset($_POST['Picture4']));
 $User_Name = addslashes (isset($_POST['User_Name']));
 $Password = addslashes (isset($_POST['Password']));



$User_Name = mysql_query("SELECT `Password` FROM `Business_Info` WHERE `User_Name` == '$User_Name'"); 



if($Password == $Password[0]) 

{ 

$sql= " UPDATE  WHERE `Business_Info`(`BusinessName`,`Slogan`,`Business_Address`,`Tel`,`Website`,`Email`,`Member_Status`,`  Fax`,`type`,`make`,`Categories`,`Keyword`,`picture1`,`Headline`,`Slogan2`,`Description1`,`Description2`,`Description3`,`Contact2`,`Picture2`,`Picture3`,`Picture4`,`Password`) 

Values('.$BusinessName.','.$Slogan.','.$Business_Address.','.$Tel.','.$Website.','.$Email.','.$Member_Status.','.$Fax.',' 
.$type.','.$make.','.$Categories.','.$Keyword.','.$Picture1.','.$Headline.','.$Slogan2.','.$Description1.', 
'.$Description2.','.$Description3.','.$Contact2.' 
,'.$Picture2.','.$Picture3.','.$Picture4.','.$Password.') WHERE `User_Name` == $User_Name"; 


$result = mysql_query($sql); 
echo mysql_error(); 


  } 


    else 

    { 
     
  echo "Incorrect Password or User Name Try again "; 
  exit; 
} 



?>
this is what i am displaying....


You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE `Business_Info`(`BusinessName`,`Slogan`,`Business_Address`
Flamie
Forum Contributor
Posts: 166
Joined: Mon Mar 01, 2004 3:19 pm

Post by Flamie »

you are forgetting the tablename on your UPDATE ;o

Edit:
And I'm not sure if using the VALUES() thing works with UPDATE commands. The one I usually do is:
UPDATE <tablename> SET <field>=<value>, <field2>=<value2> WHERE <condition(s)>
franknu
Forum Contributor
Posts: 146
Joined: Sun May 28, 2006 9:29 am

Post by franknu »

the table name is business_info
Flamie
Forum Contributor
Posts: 166
Joined: Mon Mar 01, 2004 3:19 pm

Post by Flamie »

then you do:

Code: Select all

$query = "UPDATE buisness_info SET (set your values here) WHERE (set your conditions here)";
franknu
Forum Contributor
Posts: 146
Joined: Sun May 28, 2006 9:29 am

Post by franknu »

if you look on the database that is what i have i am just getting this erroe

Code: Select all

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '(`BusinessName`,`Slogan`,`Business_Address`,`Tel`,`Website`,`Ema
this are the changes i made

Code: Select all

$User_Name = mysql_query("SELECT `Password` FROM `Business_Info` WHERE `User_Name` == '$User_Name'"); 



if($Password == $Password[0]) 

{ 

$sql= " UPDATE `Business_Info`(`BusinessName`,`Slogan`,`Business_Address`,`Tel`,`Website`,`Email`,`Member_Status`,`  Fax`,`type`,`make`,`Categories`,`Keyword`,`picture1`,`Headline`,`Slogan2`,`Description1`,`Description2`,`Description3`,`Contact2`,`Picture2`,`Picture3`,`Picture4`,`Password`);

Values('.$BusinessName.','.$Slogan.','.$Business_Address.','.$Tel.','.$Website.','.$Email.','.$Member_Status.','.$Fax.',' 
.$type.','.$make.','.$Categories.','.$Keyword.','.$Picture1.','.$Headline.','.$Slogan2.','.$Description1.', 
'.$Description2.','.$Description3.','.$Contact2.' 
,'.$Picture2.','.$Picture3.','.$Picture4.','.$Password.') WHERE `User_Name` == `$User_Name`"; 


$result = mysql_query($sql); 
echo mysql_error(); 


  } 


    else 

    { 
     
  echo "Incorrect Password or User Name Try again "; 
  exit; 
} 



?>
Flamie
Forum Contributor
Posts: 166
Joined: Mon Mar 01, 2004 3:19 pm

Post by Flamie »

sigh you're not understanding me, I'll write it for you:

Code: Select all

$sql = "UPDATE `Business_Info` SET `BusinessName`= '$BusinessName', `Slogan`='$Slogan',  `Business_Address`='$Business_Address', `Tel`='$Tel', `Website`='$Website', `Email`='$Email', `Member_Status`='$Member_Status', `Fax`='$Fax', `type`=$type, `make`='$make', `Categories`='$Categories', `Keyword`='$Keyword', `picture1`='$Picture1', `Headline`='$Headline', `Slogan2`='$Slogan2', `Description1`='$Description1', `Description2`='$Description2', `Description3`= '$Description3', `Contact2`='$Contact2', `Picture2`='$Picture2', `Picture3`='$Picture3', `Picture4`='$Picture4', `Password`='$Password' WHERE `User_Name`='$User_Name'";
User avatar
s.dot
Tranquility In Moderation
Posts: 5001
Joined: Sun Feb 06, 2005 7:18 pm
Location: Indiana

Post by s.dot »

VALUES is for an INSERT statement

With updates, you only do SET `something` = '$something', `somethingelse` = '$somethingelse'

[edit]
use mysql_real_escape_string() instead of addslashes
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
Post Reply