Reputation: 139
What's wrong with my update query?
Can you tell me what's wrong with this update statement? Not updating my db record in mysql
$updateid = $row[id];
$result2 = mysql_query("UPDATE grades SET processed = 1
where 'id' = '$updateid'") or die(mysql_error());
Upvotes: 1
Views: 46
Answers (2)
Reputation: 91734
You are quoting your column name. If you want to do that (it's not necessary here), you should use backticks:
$result2 = mysql_query("UPDATE grades SET processed = 1
where `id` = '$updateid'") or die(mysql_error());
Apart from that you should make sure that your variable is safe to use in an sql query, preferably using PDO (or mysqli) and prepared statements. If you really want to use the deprecated mysql_* functions, you should use mysql_real_escape_string().
Upvotes: 1
Reputation: 263703
ColumnNames (as well as TableName) shouldn't be enclosed with single quotes because they are identifiers and not string literals. Wrapping an identifier with single quotes makes it string literals.
UPDATE grades
SET processed = 1
where id = '$updateid'
If you are unsure if the columnName (or TableName) you are using is a reserved keyword, delimit it with backticks and not with single quotes. eg,
UPDATE `grades`
SET `processed` = 1
where `id` = '$updateid'
As a sidenote, the query is vulnerable with SQL Injection if the value(s) of the variables came from the outside. Please take a look at the article below to learn how to prevent from it. By using PreparedStatements you can get rid of using single quotes around values.
Upvotes: 3
Related Questions
- Why doesn't my MySQL update query work?
- issue with Update query not working
- What's wrong with my UPDATE statement?
- mysql update query doesn't work
- Update query not working correctly
- update query not working as expected
- whats wrong with my update query?
- Problems with update query
- mySQL UPDATE query wont work
- What's wrong with this SQL UPDATE query?