Update issues

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
grandroyal
Forum Newbie
Posts: 6
Joined: Wed Feb 04, 2009 11:10 pm

Update issues

Post by grandroyal »

I get this error: Unable to query:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'group = 'Personal', title = 'hello', notes = 'erigeorijg' where photoID=31' at line 1

when i submit a form to this:

Code: Select all

<?php include("includes/header_nav.php"); ?>
<div class="contwrapper">
<?php include("includes/db_connect.php"); ?>
 
<?php
 
$vgroup = $_POST['igroup'];
$vphotoid = $_POST['iphotoid'];
$vtitle = $_POST['ititle'];
$vnotes = $_POST['inotes'];
 
$query = "update photo set group = '$vgroup', title = '$vtitle', notes = '$vnotes' where photoID=$vphotoid";
            
mysql_query($query) or die("Unable to query:".mysql_error());
           
echo "<div class='textheader'>Photo Saved<br/><a href='photo_upload.php'>Back</a></div>";
        
mysql_close($con);
?>
</div>
</div>
</body>
</html>
 
I can't see anything wrong with my syntax and obviously its pulling the variables fine and the table name and column names are all accurate. There are mor columns in the table but that shouldn't matter right? PLEASE HELP
sparrrow
Forum Commoner
Posts: 81
Joined: Mon Oct 20, 2008 12:22 pm

Re: Update issues

Post by sparrrow »

Well I'll admit, nothing jumps out at me right off the bat. Can you:

Code: Select all

echo $query;
To see the full query?
User avatar
John Cartwright
Site Admin
Posts: 11470
Joined: Tue Dec 23, 2003 2:10 am
Location: Toronto
Contact:

Re: Update issues

Post by John Cartwright »

group is a reserved word. Either wrap it in backticks "`" or change the column name. I would seriously recommend you pass all your input variables atleast through mysql_real_escape_string() for strings, and typecast to (int) or intval() for numerical data.
grandroyal
Forum Newbie
Posts: 6
Joined: Wed Feb 04, 2009 11:10 pm

Re: Update issues

Post by grandroyal »

update photo set group = 'Personal', title = 'hello', notes = 'erigeorijg' where photoID='31'
sparrrow
Forum Commoner
Posts: 81
Joined: Mon Oct 20, 2008 12:22 pm

Re: Update issues

Post by sparrrow »

John Cartwright wrote:group is a reserved word. Either wrap it in backticks "`" or change the column name. I would seriously recommend you pass all your input variables atleast through mysql_real_escape_string() for strings, and typecast to (int) or intval() for numerical data.
Ah, good eye! I missed that. :) http://dev.mysql.com/doc/refman/5.1/en/ ... words.html
grandroyal
Forum Newbie
Posts: 6
Joined: Wed Feb 04, 2009 11:10 pm

Re: Update issues

Post by grandroyal »

John Cartwright wrote:group is a reserved word. Either wrap it in backticks "`" or change the column name. I would seriously recommend you pass all your input variables atleast through mysql_real_escape_string() for strings, and typecast to (int) or intval() for numerical data.
Thank you so much
Post Reply