PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
I get this error: Unable to query:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'group = 'Personal', title = 'hello', notes = 'erigeorijg' where photoID=31' at line 1
<?php include("includes/header_nav.php"); ?>
<div class="contwrapper">
<?php include("includes/db_connect.php"); ?>
<?php
$vgroup = $_POST['igroup'];
$vphotoid = $_POST['iphotoid'];
$vtitle = $_POST['ititle'];
$vnotes = $_POST['inotes'];
$query = "update photo set group = '$vgroup', title = '$vtitle', notes = '$vnotes' where photoID=$vphotoid";
mysql_query($query) or die("Unable to query:".mysql_error());
echo "<div class='textheader'>Photo Saved<br/><a href='photo_upload.php'>Back</a></div>";
mysql_close($con);
?>
</div>
</div>
</body>
</html>
I can't see anything wrong with my syntax and obviously its pulling the variables fine and the table name and column names are all accurate. There are mor columns in the table but that shouldn't matter right? PLEASE HELP
group is a reserved word. Either wrap it in backticks "`" or change the column name. I would seriously recommend you pass all your input variables atleast through mysql_real_escape_string() for strings, and typecast to (int) or intval() for numerical data.
John Cartwright wrote:group is a reserved word. Either wrap it in backticks "`" or change the column name. I would seriously recommend you pass all your input variables atleast through mysql_real_escape_string() for strings, and typecast to (int) or intval() for numerical data.
John Cartwright wrote:group is a reserved word. Either wrap it in backticks "`" or change the column name. I would seriously recommend you pass all your input variables atleast through mysql_real_escape_string() for strings, and typecast to (int) or intval() for numerical data.