Multiple AND

[Cooper94]

$sql = mysql_query ("UPDATE pirerp SET comments='{$_GET['comments']}' AND duration='{$_GET['flthrs2']}' AND online='{$_GET['online']}' AND method='$method' AND rate='{$_GET['rate']}' AND date='$today' AND deptime='{$_GET['deptime']}' AND arrtime='{$_GET['arrtime']}' WHERE callsign='{$_GET['username']}')")

 

I am trying to update a lot of items in the database but it gives me this error when trying to do it:

 

Parse error: syntax error, unexpected T_IF in /home/purifi/public_html/cirrus/acars/pirep.php on line 30

 

[Mardoxx]

AND SET

 

idk if tha will work..

 

but

SET name=thing, name2=thing2, etc etc etc

[Cooper94]

That didnt work

[thebadbad]

You're missing a semi colon at the end, and have one closing bracket too many. You should also escape the strings you insert with mysql_real_escape_string(). Here's a way of formatting it:

 

<?php
$query = sprintf("UPDATE `pirerp` SET `comments` = '%s', `duration` = '%s', `online` = '%s', `method` = '%s', `rate` = '%s', `date` = '%s', `deptime` = '%s', `arrtime` = '%s' WHERE `callsign` = '%s'",
mysql_real_escape_string($_GET['comments']),
mysql_real_escape_string($_GET['flthrs2']),
mysql_real_escape_string($_GET['online']),
mysql_real_escape_string($method),
mysql_real_escape_string($_GET['rate']),
mysql_real_escape_string($today),
mysql_real_escape_string($_GET['deptime']),
mysql_real_escape_string($_GET['arrtime']),
mysql_real_escape_string($_GET['username'])
);
$sql = mysql_query($query);
?>