budder Posted May 3, 2010 Share Posted May 3, 2010 I got this query that giving me error: $query = 'UPDATE ticket_user SET order_nr ="' . $_POST['order_nr'] . '", navn =' . $_POST['navn'] . ', billet_type = ' . $_POST['billet_type'] . ', antal = ' . $_POST['antal'] . ', afsendt =' . $_POST['afsendt'] . ', billet_nr =' . $_POST['billet_nr'] . ', WHERE order_id =' . $_POST['order_id']; I get this error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Herhold, billet_type = Sommer Rock, antal = 4, afsendt =22-10-2010, ' at line 3 Quote Link to comment Share on other sites More sharing options...
budder Posted May 3, 2010 Author Share Posted May 3, 2010 Anybody? Quote Link to comment Share on other sites More sharing options...
harristweed Posted May 3, 2010 Share Posted May 3, 2010 does $_POST['navn' contain any apostrophes? Quote Link to comment Share on other sites More sharing options...
Muddy_Funster Posted May 3, 2010 Share Posted May 3, 2010 Hi, at first glance I can see that Herhold and Sommer Rock aren't quoted so will throw up problems. It may also be that the double spacing is upsetting the query. Try and fix the formating so that the double spacing is cleared up. somthing like this should work: $query = 'UPDATE ticket_user SET order_nr = \''.$_POST['order_nr'].'\', navn= \''.$_POST['navn'].'\', billet_type = \''.$_POST['billet_type'].'\', antal = '.$_POST['antal'].', afsendt = '.$_POST['afsendt'].', billet_nr ='.$_POST['billet_nr'].', WHERE order_id ='.$_POST['order_id']; Could you give an example data set for each of the variables if changing that doesn't fix it? also, could I recomend breaking out single quotes for the stings rather than double quoting them? eg. $query = 'UDATE table_name SET varchar_field = \''.$variable.'\', rest of statement'; It souldn't make much of a difference, but MySQL "preffers" single quotes as string containers. Quote Link to comment Share on other sites More sharing options...
budder Posted May 3, 2010 Author Share Posted May 3, 2010 Hm, stil getting an error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE order_id =17' at line 8 First I did the following: query = 'UPDATE ticket_user SET order_nr ="' . $_POST['order_nr'] . '", navn ="' . $_POST['navn'] . '", billet_type ="' . $_POST['billet_type'] . '", antal ="' . $_POST['antal'] . '", afsendt ="' . $_POST['afsendt'] . '", billet_nr ="' . $_POST['billet_nr'] . '", WHERE order_id ="' . $_POST['order_id'] . '"'; But thsi gives me an error: Parse error: parse error in C:\wamp\www\billet\commit.php on line 89 and line 89 is: query = 'UPDATE ticket_user SET The line before and after 89: if(empty($error)) { //line88 order_nr ="' . $_POST['order_nr'] . '", // line 90 Quote Link to comment Share on other sites More sharing options...
Muddy_Funster Posted May 3, 2010 Share Posted May 3, 2010 OK, the error on line 89 is because you missed out the $ on query. The other SQL error I suspect is because there is no space between the = and the 17 after the WHERE clause. Quote Link to comment Share on other sites More sharing options...
Rustywolf Posted May 3, 2010 Share Posted May 3, 2010 should query = 'UPDATE ticket_user SET be $query = 'UPDATE ticket_user SET Quote Link to comment Share on other sites More sharing options...
budder Posted May 3, 2010 Author Share Posted May 3, 2010 Ups, totally forgot the $query. Hmm, I have tried to make space between the = an 17. But still get: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE order_id = '17'' at line 8 Hust don't get it.. $query = "UPDATE ticket_user SET order_nr = '" . $_POST['order_nr'] . "', navn = '" . $_POST['navn'] . "', billet_type = '" . $_POST['billet_type'] . "', antal = '" . $_POST['antal'] . "', afsendt = '" . $_POST['afsendt'] . "', billet_nr = '" . $_POST['billet_nr'] . "', WHERE order_id = " . $_POST['order_id']; Quote Link to comment Share on other sites More sharing options...
Muddy_Funster Posted May 3, 2010 Share Posted May 3, 2010 Unquote the input variable. You have it showing as '17' which tells MySQL that it's a sting. when you try to compare a sring to a numeric field value it get's upset. You should only quote string field variables (varchar, text, enum etc) and never quote numeric (int, float, decimal etc). Quote Link to comment Share on other sites More sharing options...
Ken2k7 Posted May 3, 2010 Share Posted May 3, 2010 Run each $_POST value through mysql_real_escape_string. Quote Link to comment Share on other sites More sharing options...
budder Posted May 4, 2010 Author Share Posted May 4, 2010 Unquote the input variable. You have it showing as '17' which tells MySQL that it's a sting. when you try to compare a sring to a numeric field value it get's upset. You should only quote string field variables (varchar, text, enum etc) and never quote numeric (int, float, decimal etc). Always a good thing to remember. Thanks. Quote Link to comment Share on other sites More sharing options...
Ken2k7 Posted May 4, 2010 Share Posted May 4, 2010 Unquote the input variable. You have it showing as '17' which tells MySQL that it's a sting. when you try to compare a sring to a numeric field value it get's upset. You should only quote string field variables (varchar, text, enum etc) and never quote numeric (int, float, decimal etc). You forgot to mention MySQL database/table/column names or MySQL keywords. Don't quote those either. I've seen many people do that. Quote Link to comment Share on other sites More sharing options...
budder Posted May 4, 2010 Author Share Posted May 4, 2010 So it should look like this? $query = "UPDATE ticket_user SET order_nr = " . $_POST['order_nr'] . ", navn = " . $_POST['navn'] . ", billet_type = " . $_POST['billet_type'] . ", antal = " . $_POST['antal'] . ", afsendt = " . $_POST['afsendt'] . ", billet_nr = " . $_POST['billet_nr'] . ", WHERE order_id = " . $_POST['order_id']; Then I get this error again? :s You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Tomat, billet_type = Sommer Rock, antal = 7, afsendt = 20-10-2010, ' at line 3 Quote Link to comment Share on other sites More sharing options...
Muddy_Funster Posted May 4, 2010 Share Posted May 4, 2010 Can you post up your table structure? We can help clean up the SQL when we know what's what. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.