help with php+mysql UPDATE

Questions about the MySQL, PostgreSQL, and most other databases, as well as using it with PHP can be asked here.

Moderator: General Moderators

Post Reply
User avatar
Diod
Forum Commoner
Posts: 52
Joined: Tue Oct 19, 2004 9:07 am

help with php+mysql UPDATE

Post by Diod »

Code: Select all

$query = "UPDATE news SET text =". nl2br($_POST['text']).", author =". $_POST['author'] .", email =". $_POST['email'] .", title =".$_POST['title']." WHERE ID = " . $_GET ['id'].";";
  $result = mysql_query($query,$db) or die("<b>A fatal MySQL error occured</b>.\n<br />Query: " . $query . "<br />\nError: (" . mysql_errno() . ") " .
mysql_error());
gives

A fatal MySQL error occured.
Query:
Error: (1064) You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1
timvw
DevNet Master
Posts: 4897
Joined: Mon Jan 19, 2004 11:11 pm
Location: Leuven, Belgium

Post by timvw »

you do know that you have to escape fields that are of type VARCHAR in MySQL??

Code: Select all

UPDATE news SET text='bar';

Code: Select all

$text = mysql_escape_string(nl2br($_POST['text']));
$query = "UPDATE news SET text='$text'";
User avatar
Diod
Forum Commoner
Posts: 52
Joined: Tue Oct 19, 2004 9:07 am

Post by Diod »

well text isnt varchar, it is a BLOB
timvw
DevNet Master
Posts: 4897
Joined: Mon Jan 19, 2004 11:11 pm
Location: Leuven, Belgium

Post by timvw »

ibizconsultants
Forum Commoner
Posts: 35
Joined: Tue Sep 07, 2004 12:07 pm

Post by ibizconsultants »

You need to enclose text fields in single quotes.

e.g.

Code: Select all

$query = "UPDATE news SET text ='". nl2br($_POST&#1111;'text'])."', author ='". $_POST&#1111;'author'] ."', email ='". $_POST&#1111;'email'] ."', title ='".$_POST&#1111;'title']."' WHERE ID = " . $_GET &#1111;'id'].";";  

$result = mysql_query($query,$db) or die("<b>A fatal MySQL error occured</b>.\n<br />Query: " . $query . "<br />\nError: (" . mysql_errno() . ") " .mysql_error());
Hope this helps.

http://www.ibizconsultants.com
Post Reply