Page 1 of 1
help with php+mysql UPDATE
Posted: Fri Oct 22, 2004 5:12 pm
by Diod
Code: Select all
$query = "UPDATE news SET text =". nl2br($_POST['text']).", author =". $_POST['author'] .", email =". $_POST['email'] .", title =".$_POST['title']." WHERE ID = " . $_GET ['id'].";";
$result = mysql_query($query,$db) or die("<b>A fatal MySQL error occured</b>.\n<br />Query: " . $query . "<br />\nError: (" . mysql_errno() . ") " .
mysql_error());
gives
A fatal MySQL error occured.
Query:
Error: (1064) You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1
Posted: Fri Oct 22, 2004 6:46 pm
by timvw
you do know that you have to escape fields that are of type VARCHAR in MySQL??
Code: Select all
$text = mysql_escape_string(nl2br($_POST['text']));
$query = "UPDATE news SET text='$text'";
Posted: Sat Oct 23, 2004 4:54 am
by Diod
well text isnt varchar, it is a BLOB
Posted: Sat Oct 23, 2004 8:15 am
by timvw
Posted: Mon Oct 25, 2004 6:15 am
by ibizconsultants
You need to enclose text fields in single quotes.
e.g.
Code: Select all
$query = "UPDATE news SET text ='". nl2br($_POSTї'text'])."', author ='". $_POSTї'author'] ."', email ='". $_POSTї'email'] ."', title ='".$_POSTї'title']."' WHERE ID = " . $_GET ї'id'].";";
$result = mysql_query($query,$db) or die("<b>A fatal MySQL error occured</b>.\n<br />Query: " . $query . "<br />\nError: (" . mysql_errno() . ") " .mysql_error());
Hope this helps.
http://www.ibizconsultants.com