Jump to content

Archived

This topic is now archived and is closed to further replies.

h4v0c

syntax error?

Recommended Posts

PHP version: 4.4.4
MySQL version: 4.1.2

Error: You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 's style of relating when things are going well and in conflict.

Code:

[code]
$host = "server URL" ;
$login = "user name" ;
$pwd = "password" ;
$db = "clientd_psp" ;

$conn = mysql_connect("$host", "$login", "$pwd") or die('SQL Error: '.mysql_error().'') ;
mysql_select_db($db, $conn) ;
$edit = stripslashes($_POST['PSP_editor']);
$page = $_POST['page_id_value'];
$result = mysql_query("UPDATE `content_tbl` SET `page_content`='$edit' WHERE `page_id`='$page'");

if(!$result)
    echo mysql_error();
[/code]

wtf? the query should be perfect. what gives?

Share this post


Link to post
Share on other sites
Change this:
[code]<?php
$result = mysql_query("UPDATE `content_tbl` SET `page_content`='$edit' WHERE `page_id`='$page'");

if(!$result)
    echo mysql_error();
?>[/code]
to
[code]<?php
        $query = "UPDATE `content_tbl` SET `page_content`='$edit' WHERE `page_id`='$page'";
$result = mysql_query($query) or die("Problem with the query: $query<br>" . mysql_error());
?>[/code]

This will print out the query. Check it for errors.

Ken

Share this post


Link to post
Share on other sites
looks like you're not escaping your variables. run all your user entered text through mysql_real_escape_string() and you should be fine.

Share this post


Link to post
Share on other sites
i would serisouly buy you two a beer right now. thanks so much guys.  ;D

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.