Evanthes Posted September 14, 2006 Share Posted September 14, 2006 [code=php:0]$query = "update tbl_work set site_id=$id comments=$comments date_of_work=$date where work_id=$workid";[/code]i guess ive just been looking at this too long and dont understand why mysql doesnt like this statement. Below is how the statement prints out.update tbl_work set site_id=1 comments=N/A date_of_work=2006-09-14 where work_id=942does this need to be formatted in some way? thanks for the help ahead of time.! Quote Link to comment Share on other sites More sharing options...
obsidian Posted September 14, 2006 Share Posted September 14, 2006 you've got to separate your update fields with commas. also, you need to set off your content with quotes:[code]<?php$query = "update tbl_work set site_id='$id', comments='$comments', date_of_work='$date' where work_id='$workid'";?>[/code]keep in mind that you need to be sure and escape your variables properly for the version of SQL you're using Quote Link to comment Share on other sites More sharing options...
Evanthes Posted September 14, 2006 Author Share Posted September 14, 2006 awesome thanks, its been awhile since ive had to do programming like this...what do u mean exactly by escape your variables?thanks again Quote Link to comment Share on other sites More sharing options...
obsidian Posted September 14, 2006 Share Posted September 14, 2006 [quote author=Evanthes link=topic=108060.msg434361#msg434361 date=1158261638]its been awhile since ive had to do programming like this...what do u mean exactly by escape your variables?[/quote]depending on what type of SQL you're using and what your PHP ini settings are, it's usually a good practice to escape quotes and other possible contaminates out of your string. for instance, if you're trying to insert the following:[code]<?php$q = "I'm awesome!";$sql = mysql_query("INSERT INTO myTable (fieldName) VALUES ('$q')");?>[/code]you will have a failed query every time since, when the variable is translated, it will actually read the apostrophe in the variable as the end of the VALUES string. to avoid that, you've got to escape (place a backslash in front of) the offending quote. if you're using mysql, you can use mysql_real_escape_string(), if you're using postgresql, you can use pg_escape_string(), and if you're wanting to manually run it, you might even get by with addslashes().hope this helps! Quote Link to comment Share on other sites More sharing options...
Evanthes Posted September 14, 2006 Author Share Posted September 14, 2006 yes thanks a lot for your help! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.