user259384
user259384

Reputation: 1

Editing Account Detail for a user

$query = " UPDATE Users SET username = " 
  . $username 
  . "AND password =" 
  . $password 
  . "AND email =" 
  . $email 
  . " WHERE id = '$id'";

im putting this query into my database sql window and i get this message

#1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '$query = " UPDATE Users SET username = " . $username . "AND password =" . $passw' at line 1 

can anyone help

Upvotes: 0

Views: 62

Answers (7)

Asha
Asha

Reputation: 25

It seems like its a syntax error. Try replacing the double quotes with single quotes and dots with +

$query = ' UPDATE Users SET username = ' +$username + 'AND password = ' + $password + 'AND email = ' + $email + ' WHERE id = ' + $id;

If $id is a varchar enclose with single quotes again.

Upvotes: -1

Patrick Q
Patrick Q

Reputation: 6393

All the other answers bring up very valid points, but the real issue (the actual thing causing the error provided) seems to be that you are putting a PHP statement directly into an SQL interpreter. SQL/MySQL is not going to parse PHP for you. You need to run that command in a PHP environment.

Upvotes: 0

sidneydobber
sidneydobber

Reputation: 2910

$query = "UPDATE Users SET username='$username', password='$password', email='$email' WHERE id='$id'";

Upvotes: 0

apomene
apomene

Reputation: 14389

you need quotes , replace and with ,:

$query = " UPDATE Users SET username = '" . $username . "' , password = '" . $password . "' , email = '" . $email . "' WHERE id = '$id'";

however consider injection issues

Upvotes: 1

NoobEditor
NoobEditor

Reputation: 15911

Enclose values in ' quotes

$query = "UPDATE Users 
          SET username = "'.$username.'" ,password="'.$password.'" ,email ="'. $email.'"
          WHERE id = '$id'"; /* note enclosing single quotes above */

Upvotes: 0

LefterisL
LefterisL

Reputation: 1153

Please consider moving on to Mysqli and also your code is vulnerable to injections.

As of your question

$query = " UPDATE Users SET username = '$username' AND password ='$password' AND email ='$email' WHERE id = '$id'";

should work fine

Upvotes: 0

Abhik Chakraborty
Abhik Chakraborty

Reputation: 44864

Mysql Update query does not work the way you are trying it should be

$query = "UPDATE 
Users 
SET username = '$username',
password ='$password',
email ='$email'
WHERE id = '$id'";

Need to have single quote for the string values and also updated columns needs to be separated by comma.

Also you need to start using mysqli or PDO with prepared statement.

Upvotes: 3

Related Questions