Greenbox Posted June 1, 2010 Share Posted June 1, 2010 hi, i get this error when i click the save settings code i got two diffrent buttons on the page one for the save settings and one for save profile im a noob at php so please help me out and see if you can see whats the problem is in this code Thanks You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '(`sex` , `country` , `day`, `year`, `month`, `msn` , `skype`) VALUES ('2', '', '' at line 1 <? session_start(); include_once "includes/db_connect.php"; include_once"includes/functions.php"; logincheck(); $username=$_SESSION['username']; $query=mysql_query("SELECT * FROM users WHERE username='$username'"); $fetch=mysql_fetch_object($query); if ($_POST['save_profile']){ $image=strip_tags($_POST['viewprofile']); $quote = $_POST['quote']; $bgcolor = $_POST['bgcolor']; $textco = $_POST['textco']; $pic = $_POST['pic']; $musictitle = $_POST['musictitle']; $profilmu = $_POST['profilmu']; $updatemusicchange = $_POST['updatemusicchange']; $avatar = $_POST['avatar']; } if ($_POST['save_settings']){ $skype = $_POST['skype']; $sex = $_POST['sex']; $country = $_POST['country']; $month = $_POST['month']; $day = $_POST['day']; $year = $_POST['year']; } if ($_POST['save_profile']){ mysql_query("UPDATE users (`avatar` , `updatemusicchange` , `profilmu`, `musictitle`, `pic`, `textco` , `bgcolor` , `quote`) VALUES ('$avatar, '$updatemusicchange', '$profilmu', '$musictitle', '$pic', '$textco', '$bgcolor', '$quote')") or die (mysql_error()); echo "<font color=orange><center><b>Your Profile have been updated!<meta http-equiv=Refresh content=0;url=editprofile.php></font></b>"; } if ($_POST['save_settings']){ mysql_query("UPDATE users (`sex` , `country` , `day`, `year`, `month`, `msn` , `skype`) VALUES ('$sex', '$country', '$day', '$year', '$month', '$msn', '$skype')") or die (mysql_error()); echo "<font color=orange><center><b>Your Profile have been updated!<meta http-equiv=Refresh content=0;url=editprofile.php></font></b>"; } ?> Quote Link to comment Share on other sites More sharing options...
marcus Posted June 1, 2010 Share Posted June 1, 2010 You should use mysql_real_escape_string() on your variables when using mySQL queries. Anyways, your UPDATE syntax is invalid. $sql = "UPDATE `table` SET `sex`='2'"; is more acceptable. Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted June 1, 2010 Share Posted June 1, 2010 You are also using the syntax for an INSERT query (i.e. INSERT INTO table_name (columns) VALUES (values)) for an UPDATE query. Which type of query are you trying to perform an UPDATE (which looks like UPDATE table_name SET column=value, column=value WHERE ...) or an INSERT? Quote Link to comment Share on other sites More sharing options...
Greenbox Posted June 1, 2010 Author Share Posted June 1, 2010 You are also using the syntax for an INSERT query (i.e. INSERT INTO table_name (columns) VALUES (values)) for an UPDATE query. Which type of query are you trying to perform an UPDATE (which looks like UPDATE table_name SET column=value, column=value WHERE ...) or an INSERT? im trying to do an update because settings is already in the db Quote Link to comment Share on other sites More sharing options...
marcus Posted June 1, 2010 Share Posted June 1, 2010 You didn't read what either of us said. You're using the INSERT syntax for a query, you need to use the proper syntax for an UPDATE query. $sql = "UPDATE `table_name` SET `field1`='".$field1."' , `field2`='".$field2."' WHERE `field3`='".$field3."'"; What you're using is the equivalent to my example as: $sql = "UPDATE `table_name` (`field1`,`field2`) VALUES('".$field1."','".$field2."')"; Quote Link to comment Share on other sites More sharing options...
Greenbox Posted June 1, 2010 Author Share Posted June 1, 2010 You didn't read what either of us said. You're using the INSERT syntax for a query, you need to use the proper syntax for an UPDATE query. $sql = "UPDATE `table_name` SET `field1`='".$field1."' , `field2`='".$field2."' WHERE `field3`='".$field3."'"; What you're using is the equivalent to my example as: $sql = "UPDATE `table_name` (`field1`,`field2`) VALUES('".$field1."','".$field2."')"; Something like this? if ($_POST['save_settings']){ $sex=mysql_real_escape_string(strip_tags($_POST['sex'])); mysql_query("UPDATE users SET sex='$sex' WHERE username='$username'"); } Quote Link to comment Share on other sites More sharing options...
marcus Posted June 1, 2010 Share Posted June 1, 2010 Exactly. Quote Link to comment Share on other sites More sharing options...
Greenbox Posted June 1, 2010 Author Share Posted June 1, 2010 but isnt it a easier way to do it than do everyone like that? Quote Link to comment Share on other sites More sharing options...
marcus Posted June 1, 2010 Share Posted June 1, 2010 ... you didn't take anything from my example of how you can update multiple fields at once using a single query. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.