zpupster Posted April 10, 2017 Share Posted April 10, 2017 i am lost, i am getting an error with my code, a reported syntax error -- i have tried many thing and can not get the record to update. Nothing in the error log Error Connected successfully -Error -You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''10', weight'4.00', price'69.0000', where products_id = '29'' at line 3 <?php error_reporting(E_ALL); ini_set('display_errors', '1'); ?> <?php include 'connect.php'; if(isset($_POST['btn_submit'])){ $sql ="update products set quantity'".$_POST['txt_quantity']."', weight'".$_POST['txt_weight']."', price'".$_POST['txt_price']."', where products_id = '".$_POST['txt_id']."' "; if(mysqli_query($con, $sql)){ header('Location:index.php'); }else{ echo "Error " .mysqli_error($con); } } if(isset($_GET['id'])){ $sql = "SELECT products_id, products_quantity, products_weight, products_price FROM products where products_id=" .$_GET['id']; $result = mysqli_query($con, $sql); if(mysqli_num_rows($result)>0){ ($row = mysqli_fetch_assoc($result)); $id = $row['products_id']; $quantity = $row['products_quantity']; $weight = $row['products_weight']; $price = $row['products_price']; } } ?> <form action="" method="post"> <table> <tr> <td>Quantity</td> <td><input name = "txt_quantity" value ="<?=$quantity?>"></td> </tr> <tr> <td>Weight</td> <td><input name = "txt_weight" value ="<?=$weight?>"></td> </tr> <tr> <td>Price</td> <td><input name = "txt_price" value ="<?=$price?>"></td> </tr> <tr> <td><input type = "hidden" value ="<?=$id?>" name = "txt_id" ></td> <td><input type="submit" name="btn_submit"></td> </tr> </table> </form> Link to comment Share on other sites More sharing options...
zpupster Posted April 10, 2017 Author Share Posted April 10, 2017 I believe the error is somewhere in where clause, looking and trying to change following many examples i can not get this to post. the data retrieves fine but i cannot edit and then post the update. Link to comment Share on other sites More sharing options...
benanamen Posted April 10, 2017 Share Posted April 10, 2017 Stop what you are doing. Never ever put variables in your query. You need to use prepared statements. PDO is better. https://phpdelusions.net/pdo Check for the request method, not the name of a button. Do not create variables for no reason. You are missing several equal signs. Look up how to do a correct INSERT query. You are making the same exact mistake from your post here https://forums.phpfreaks.com/topic/303672-update-php/ Link to comment Share on other sites More sharing options...
zpupster Posted April 11, 2017 Author Share Posted April 11, 2017 ty for your helpful hints, i finally got this to work. now i can learn it the right way, the pdo way. after reading about pdo it seems the way to go. ty again, Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.