Page 1 of 1

error in sql syntax

Posted: Thu Mar 06, 2008 12:13 pm
by m2babaey
Hi
I cannot find the error in the sql code below. can you help me?
thanks
the sql code:

Code: Select all

       $sql = "UPDATE member SET " .
            "name = $processed[fullname], email = $processed[email],accounttype = $processed[accounttype],bankaccount = $processed[bankaccount], email_priv = $email_priv " .
            "WHERE id = $_SESSION[uid]";
the parent code:

Code: Select all

   if ($form->valid() ) {
        $processed = $form->getProcessed();
        $email_priv = isset($processed['email_priv']) ? "'y'" : "'n'";
 
        $sql = "UPDATE member SET " .
            "name = $processed[fullname], email = $processed[email],accounttype = $processed[accounttype],bankaccount = $processed[bankaccount], email_priv = $email_priv " .
            "WHERE id = $_SESSION[uid]";
 
        $result = $db->query($sql);

Re: error in sql syntax

Posted: Thu Mar 06, 2008 12:29 pm
by kryles
try

Code: Select all

 
$sql = "UPDATE member SET 
name = $processed[fullname], email = $processed[email],accounttype = $processed[accounttype],bankaccount = $processed[bankaccount], email_priv = $email_priv 
WHERE id = '" . $_SESSION[uid]. "'";
 
 

Re: error in sql syntax

Posted: Thu Mar 06, 2008 12:36 pm
by m2babaey
thanks but didn't work

Re: error in sql syntax

Posted: Thu Mar 06, 2008 1:08 pm
by kryles
try using

Code: Select all

 
 
print $sql
 
 
to make sure the SQL looks the way you want (with the right variables)

Re: error in sql syntax

Posted: Thu Mar 06, 2008 4:22 pm
by misteryyy
Try this :

Code: Select all

 
$sql = "UPDATE member SET 
name ='".$processed[fullname]."',
 email ='".$processed[email]."',
accounttype ='". $processed[accounttype]."',
bankaccount ='".$processed[bankaccount]."',
email_priv = '".$email_priv."' WHERE id = ".$_SESSION[uid];
 
 

Re: error in sql syntax

Posted: Thu Mar 06, 2008 6:04 pm
by kryles
i suppose I should have asked if it is a number or string :oops:

Re: error in sql syntax

Posted: Fri Mar 07, 2008 2:32 am
by zjstandup
I used to write as:

Code: Select all

 
 $sql = "UPDATE member SET
 name = '$processed[fullname]', email = '$processed[email]',accounttype = '$processed[accounttype]',bankaccount = '$processed[bankaccount]', email_priv = '$email_priv'
 WHERE id = '" . $_SESSION[uid]. "'";
 
every variable quoted by " ' " :P