titantechcorp Posted February 14, 2008 Share Posted February 14, 2008 This is my insert code. I have modified it from an insert to an update. I need it to update the data in the following tables, only where "num" = $num. I keep getting "syntax error" I have never done any UPDATEs before so i would appriciate any tips. Thank you! $insert = "UPDATE `events` SET( `date` , `location` , `time` , `desc` , `email` , `web` ) VALUES ( '".$_POST['date']."', '".$_POST['location']."', '".$_POST['time']."', '".$_POST['editor']."', '".$_POST['email']."', '".$_POST['web']."'), '"." WHERE num = ".$num; Quote Link to comment Share on other sites More sharing options...
Isityou Posted February 14, 2008 Share Posted February 14, 2008 Don't quote table names, and you quote only values. Also post the error. Quote Link to comment Share on other sites More sharing options...
rhodesa Posted February 14, 2008 Share Posted February 14, 2008 UPDATEs look completely different INSERTs Read: http://dev.mysql.com/doc/refman/5.0/en/update.html Quote Link to comment Share on other sites More sharing options...
titantechcorp Posted February 14, 2008 Author Share Posted February 14, 2008 add errorDB Error: syntax error can you help me reconstruct this to a update? im lost ??? thanks for quick responses Quote Link to comment Share on other sites More sharing options...
revraz Posted February 14, 2008 Share Posted February 14, 2008 $insert = "UPDATE `events` SET `date`= '".$_POST['date']."' , etc Quote Link to comment Share on other sites More sharing options...
rhodesa Posted February 14, 2008 Share Posted February 14, 2008 $insert = "UPDATE `events` SET ". "`date`= '".mysql_real_escape_string($_POST['date'])."',". "`location`= '".mysql_real_escape_string($_POST['location'])."',". "`time`= '".mysql_real_escape_string($_POST['time'])."',". "`desc`= '".mysql_real_escape_string($_POST['editor'])."',". "`email`= '".mysql_real_escape_string($_POST['email'])."',". "`web`= '".mysql_real_escape_string($_POST['web'])."' ". "WHERE `num`=".$num; Quote Link to comment Share on other sites More sharing options...
titantechcorp Posted February 14, 2008 Author Share Posted February 14, 2008 AWESOME thank you, it works great! mysql_real_escape_string - do i need this? Im passing HTML through, apprarently it came out different after doing the update. Quote Link to comment Share on other sites More sharing options...
rhodesa Posted February 14, 2008 Share Posted February 14, 2008 Is it coming out with lot's of slashes? You probably have magic_quotes enabled. You should disabled this since it has been removed from PHP6 Quote Link to comment Share on other sites More sharing options...
Isityou Posted February 14, 2008 Share Posted February 14, 2008 AWESOME thank you, it works great! mysql_real_escape_string - do i need this? Im passing HTML through, apprarently it came out different after doing the update. Yes you should make sure all user input is sanitized before sending it to the server. Quote Link to comment Share on other sites More sharing options...
titantechcorp Posted February 14, 2008 Author Share Posted February 14, 2008 no, its actualy fine.. the font sized changed... strange ill take a look into it Quote Link to comment Share on other sites More sharing options...
Isityou Posted February 14, 2008 Share Posted February 14, 2008 Oh I see. To stop html from being parsed used the function: htmlentities(), this will convert the html tags. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.