Reputation: 15639
error updating row in postgres table
My table is:
CREATE TABLE A(
id serial NOT NULL,
date timestamp without time zone,
type text,
sub_type text,
filename text,
filepath text,
filesize integer,
);
I have an update routine:
$Query = "UPDATE A SET type=\"" . $strType . "\" where id=" . intval($ID);
Problem:
When $strType is a string, like "lettuce" I get this error:
ERROR: column "lettuce" does not exist
When it is an int, no error.
Ideas?
more background:
- the insert code adds filename,filepath, both text types successfully
Upvotes: 1
Views: 322
Answers (2)
Reputation: 755114
Your coding is open to SQL injection. Use placeholders (probably unquoted question marks) and pass the value separately. That avoids the problems at XKCD.
Bill has the answer to your immediate problem about column names vs strings.
Upvotes: 3
Reputation: 563021
In SQL, double-quotes are identifier delimiters. Your UPDATE statement is trying to set the type column to the value of the "lettuce" column, which is an error if there is no column named lettuce.
You want to use single-quotes to delimit a string literal in SQL:
$Query = "UPDATE A SET type='" . $strType . "' where id=" . intval($ID);
See also "Do different databases use different name quote?"
Upvotes: 4
Related Questions
- Unable to update values in postgresql
- Postgres error when updating row with value from another table
- UPDATE table in postgreSQL
- Trying to update column on postgresql
- Postgres error updating column data
- Updating a table
- PostgreSQL simple UPDATE error
- Error in update query
- PostgreSQL Update Error
- Postgresql: Update problem