Help with SQL UPDATE syntax

titantechcorp · February 14, 2008

This is my insert code. I have modified it from an insert to an update. I need it to update the data in the following tables, only where "num" = $num. I keep getting "syntax error" I have never done any UPDATEs before so i would appriciate any tips. Thank you!

$insert = "UPDATE `events` SET( `date` , `location` , `time` , `desc` , `email` , `web` ) 
VALUES (	'".$_POST['date']."', 
		'".$_POST['location']."', 
		'".$_POST['time']."', 
		'".$_POST['editor']."', 
		'".$_POST['email']."', 
		'".$_POST['web']."'),
		'"." WHERE num = ".$num;

Isityou · February 14, 2008

Don't quote table names, and you quote only values. Also post the error.

rhodesa · February 14, 2008

UPDATEs look completely different INSERTs

Read: http://dev.mysql.com/doc/refman/5.0/en/update.html

titantechcorp · February 14, 2008

add errorDB Error: syntax error

can you help me reconstruct this to a update? im lost ???

thanks for quick responses

revraz · February 14, 2008

$insert = "UPDATE `events` SET `date`= '".$_POST['date']."' ,

etc

rhodesa · February 14, 2008

$insert = "UPDATE `events` SET ".
                     "`date`= '".mysql_real_escape_string($_POST['date'])."',".
                     "`location`= '".mysql_real_escape_string($_POST['location'])."',".
                     "`time`= '".mysql_real_escape_string($_POST['time'])."',".
                     "`desc`= '".mysql_real_escape_string($_POST['editor'])."',".
                     "`email`= '".mysql_real_escape_string($_POST['email'])."',".
                     "`web`= '".mysql_real_escape_string($_POST['web'])."' ".
                     "WHERE `num`=".$num;

titantechcorp · February 14, 2008

AWESOME thank you, it works great!

mysql_real_escape_string - do i need this? Im passing HTML through, apprarently it came out different after doing the update.

rhodesa · February 14, 2008

Is it coming out with lot's of slashes? You probably have magic_quotes enabled. You should disabled this since it has been removed from PHP6

Isityou · February 14, 2008

AWESOME thank you, it works great!

mysql_real_escape_string - do i need this? Im passing HTML through, apprarently it came out different after doing the update.

Yes you should make sure all user input is sanitized before sending it to the server.

titantechcorp · February 14, 2008

no, its actualy fine.. the font sized changed... strange ill take a look into it

Isityou · February 14, 2008

Oh I see. To stop html from being parsed used the function: htmlentities(), this will convert the html tags.

Sign In

Help with SQL UPDATE syntax

Recommended Posts

titantechcorp

Link to comment

Share on other sites

Isityou

Link to comment

Share on other sites

rhodesa

Link to comment

Share on other sites

titantechcorp

Link to comment

Share on other sites

revraz

Link to comment

Share on other sites

rhodesa

Link to comment

Share on other sites

titantechcorp

Link to comment

Share on other sites

rhodesa

Link to comment

Share on other sites

Isityou

Link to comment

Share on other sites

titantechcorp

Link to comment

Share on other sites

Isityou

Link to comment

Share on other sites

Join the conversation

Browse

Activity

Important Information