Error is syntax of sql when updating item

Question

I'm trying to edit an item, but i keep getting the error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use.

I've searched on google what the problem with my syntax is, but i can't see the problem.

Can anyone help me out?

Thanks in advance!

<?php
    if ( isset($_POST['ga']) ) {
        $artikel = new artikel();

        $artikel->id = $_SESSION['id'];
        $artikel->artNaam = $_POST['naam'];
        $artikel->artOmschrijving = $_POST['oms'];
        $artikel->artOmsKort = $_POST['omsKort'];
        $artikel->artPrijs = $_POST['prijs'];
        $artikel->artCategorie = $_POST['categorie'];

        $sql = "update items set 
            artNaam='$artikel->artNaam', 
            artOmschrijving='$artikel->artOmschrijving', 
            artOmsKort='$artikel->artOmsKort', 
            artPrijs=$artikel->artPrijs, 
            artCategorie='$artikel->artCategorie' 
            where id=$artikel->id";

        if ( $conn->query($sql) ) {
            header('Location: wijzigArtikel.php?'.$artikel->id);                    
        } else {
            die($conn->error);
        }

        unset($_SESSION['id']);
    }
?>

Answer 1

There's probably a quote in one of the string values. Since you're using mysqli, you should use a prepared statement instead of substituting variables.

$stmt = $conn->prepare("update items set 
        artNaam=?, 
        artOmschrijving=?, 
        artOmsKort=?, 
        artPrijs=?, 
        artCategorie=? 
        where id=?";
$stmt->bind_param("sssisi", $artikel->artNaam, $artikel->artOmschriving,
            $artikel->artOmsKort, $artikel->artPrijs, $artikel->artCategorie,
            $artikel->id);
if ($stmt->execute()) {
    header('Location: wijzigArtikel.php?'.$artikel->id);                    
} else {
    die($conn->error);
}

unset($_SESSION['id']);

Answer 2

Try this instead :

 $sql = "update items set 
            artNaam='".$artikel->artNaam."', 
            artOmschrijving='".$artikel->artOmschrijving."', 
            artOmsKort='".$artikel->artOmsKort."', 
            artPrijs=$artikel->artPrijs, 
            artCategorie='".$artikel->artCategorie,"' 
            where id=$artikel->id";

Variables in string cant be in single quotes, single quotes only will write $artikel->artNaam istead of the value.

Error is syntax of sql when updating item

Question

2 answers

solution1
2 ACCPTED 2015-12-22 22:44:52

solution2
-2 2015-12-22 22:41:01

Error is syntax of sql when updating item

Question

2 answers

solution1 2 ACCPTED 2015-12-22 22:44:52

solution2 -2 2015-12-22 22:41:01

solution1
2 ACCPTED 2015-12-22 22:44:52

solution2
-2 2015-12-22 22:41:01