elite_prodigy Posted March 27, 2008 Share Posted March 27, 2008 This is probably the sillyest error on my part, but I can't seem to find it. The following is my SQL: $update_db = "INSERT INTO members WHERE id = `$_SESSION[id]` profile = $_POST[profile] LIMIT 1;" or die(mysql_error()); mysql_query($update_db,$conn) or die(mysql_error()); I have also tried: $update_db = "UPDATE `members` SET `profile` = $_POST[profile] WHERE id = $_SESSION[id] LIMIT 1;"; The error returned is: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE id = '2' profile = LIMIT 1' at line 1 Any help would be apreciated Quote Link to comment https://forums.phpfreaks.com/topic/98217-sql-syntax-error/ Share on other sites More sharing options...
rhodesa Posted March 27, 2008 Share Posted March 27, 2008 $update_db = "UPDATE `members` SET `profile` = '".mysql_real_escape_string($_POST['profile'])."' WHERE id = '{$_SESSION['id']}' LIMIT 1"; mysql_query($update_db,$conn) or die(mysql_error()); Quote Link to comment https://forums.phpfreaks.com/topic/98217-sql-syntax-error/#findComment-502558 Share on other sites More sharing options...
elite_prodigy Posted March 27, 2008 Author Share Posted March 27, 2008 5.0.45-community is the Version Okay. That stopped the error, but it gave unexpected results. ??? What I am trying to do is give staff members the ability to make a profile. There is a field on my members table called profile. When I run this script/sql query, I want to change that table to reflect what is inside the textarea they are typing into. The idea is to obviously edit the profile where their ID is the same as what was stored in the super global $_SESSION[id]. But when I run the script that was just fixed, all that I get is a blank database field. Quote Link to comment https://forums.phpfreaks.com/topic/98217-sql-syntax-error/#findComment-502569 Share on other sites More sharing options...
elite_prodigy Posted March 27, 2008 Author Share Posted March 27, 2008 Also, when I try to run a separate script to extract some default data into the textarea, all that is returned is "Resource id #*" (where * = ID #). I would like to have their profile HTML queried into the box each time so they have something to edit off of. $retrieve_profile = "SELECT profile FROM members WHERE id = '$_SESSION[id]';"; $content_profile = mysql_query($retrieve_profile,$conn); $display_profile = "<h4>Update Your Profile</h4> <form method=\"post\" action=\"profile.php\"> <textarea name=\"article\" rows=\"10\" cols=\"50\" wrap=\"virtual\">This Won't Work until I fix it. --elite</textarea><br /> <input type=\"submit\" name=\"submit\" value=\"Save Changes\" /> </form> "; Quote Link to comment https://forums.phpfreaks.com/topic/98217-sql-syntax-error/#findComment-502572 Share on other sites More sharing options...
rhodesa Posted March 27, 2008 Share Posted March 27, 2008 Also, when I try to run a separate script to extract some default data into the textarea, all that is returned is "Resource id #*" (where * = ID #). I would like to have their profile HTML queried into the box each time so they have something to edit off of. $retrieve_profile = "SELECT profile FROM members WHERE id = '$_SESSION[id]';"; $content_profile = mysql_query($retrieve_profile,$conn); $display_profile = "<h4>Update Your Profile</h4> <form method=\"post\" action=\"profile.php\"> <textarea name=\"article\" rows=\"10\" cols=\"50\" wrap=\"virtual\">This Won't Work until I fix it. --elite</textarea><br /> <input type=\"submit\" name=\"submit\" value=\"Save Changes\" /> </form> "; For this it would be: $profile_sql = "SELECT profile FROM members WHERE id = '$_SESSION[id]';"; $profile_result = mysql_query($profile_sql,$conn); $profile_row = mysql_fetch_assoc($profile_result,$conn); $profile = htmlspecialchars($profile_row['profile']); $display_profile = "<h4>Update Your Profile</h4> <form method=\"post\" action=\"profile.php\"> <textarea name=\"article\" rows=\"10\" cols=\"50\" wrap=\"virtual\">{$profile}</textarea><br /> <input type=\"submit\" name=\"submit\" value=\"Save Changes\" /> </form> "; As for the UPDATE command, in your form the field is called "article", but in your code, you reference 'profile'. Change your UPDATE to: $update_db = "UPDATE `members` SET `profile` = '".mysql_real_escape_string($_POST['article'])."' WHERE id = '{$_SESSION['id']}' LIMIT 1"; Quote Link to comment https://forums.phpfreaks.com/topic/98217-sql-syntax-error/#findComment-502616 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.