Reputation: 4740
I don't know what I'm doing wrong, but my little update code is giving me an error message that I can't work out how to resolve.
Here's my code:

    <?php
    include('dbconfig.php');
    $con = mysql_connect($host, $username, $password) or die(mysql_error());
    if (!$con) {
        die('Could not connect: ' . mysql_error());
    }
    mysql_select_db($db, $con);
    function sqlEscape($string) {
        return "'" . mysql_real_escape_string($string) . "'";
    }
    if (isset($_POST['submit'])) {
        $q = "UPDATE records SET `name` = " + sqlEscape($_POST['name']) + ",
              `age` = " + sqlEscape($_POST['age']) + ",
              `location` = " + sqlEscape($_POST['location']) + ",
              `telephone` = " + sqlEscape($_POST['telephone']) + "
              WHERE id = $_POST[id]";
        mysql_query($q) or die(mysql_error());
    }
    ?>

Here's the error message it prints out:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '0' at line 1
Can someone see where I'm going wrong at all?
Thanks for your help.
Upvotes: 0
Views: 615
Reputation: 29965
You are adding strings together with the + operator, which is for adding numbers. In PHP, strings are concatenated with the . (period) operator.

    $q = "UPDATE records SET `name` = " . sqlEscape(...) . ",

etc
Upvotes: 4
Reputation: 6709

    // id is cast to int so the unquoted value cannot carry SQL
    $q = "UPDATE records SET `name` = " . sqlEscape($_POST['name']) . ",
          `age` = " . sqlEscape($_POST['age']) . ",
          `location` = " . sqlEscape($_POST['location']) . ",
          `telephone` = " . sqlEscape($_POST['telephone']) . "
          WHERE id = " . (int) $_POST['id'];

Use "." instead of "+" to concat strings in PHP.
Upvotes: 3
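
The same UPDATE written with PDO placeholders, so no request value (including id, which the question's query interpolates without escaping) is concatenated into the SQL text. This is an added example, not code from the question or either answer; it assumes the PDO MySQL driver is available and that dbconfig.php defines $host, $db, $username and $password as in the question, and updateRecord is a hypothetical helper name.

```php
<?php
// Added example (not from the original posts): the question's UPDATE with
// bound parameters. The mysql_* functions it replaces were removed in PHP 7.0.
include('dbconfig.php'); // assumed to define $host, $db, $username, $password

$pdo = new PDO(
    "mysql:host=$host;dbname=$db;charset=utf8mb4",
    $username,
    $password,
    [
        PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION, // throw on SQL errors
        PDO::ATTR_EMULATE_PREPARES => false,                  // server-side prepares
    ]
);

// Hypothetical helper: returns the number of rows changed.
function updateRecord(PDO $pdo, array $post): int
{
    // id is the one value the original query did not escape; require an integer >= 1.
    $id = filter_var($post['id'] ?? null, FILTER_VALIDATE_INT,
                     ['options' => ['min_range' => 1]]);
    if ($id === false) {
        throw new InvalidArgumentException('id must be a positive integer');
    }
    $stmt = $pdo->prepare(
        'UPDATE records
            SET `name` = :name, `age` = :age,
                `location` = :location, `telephone` = :telephone
          WHERE id = :id'
    );
    foreach (['name', 'age', 'location', 'telephone'] as $field) {
        $value = $post[$field] ?? '';
        if (!is_string($value)) { // rejects array input such as name[]=x
            throw new InvalidArgumentException("$field must be a string");
        }
        $stmt->bindValue(":$field", $value, PDO::PARAM_STR);
    }
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->rowCount();
}

if (isset($_POST['submit'])) {
    try {
        updateRecord($pdo, $_POST);
    } catch (Exception $e) {
        error_log($e->getMessage()); // keep database details out of the response
        http_response_code(400);
    }
}
```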