You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version
Question
I am trying to update a row in mysql, however, error no 1024 comes up every time
@$name= $_POST['name'];
@$bio=$_POST['bio'];
@$email=$_POST['email'];
if(!empty($_POST['name']) && !empty($_POST['bio']) && !empty($_POST['email']) )
{
$result="SELECT * FROM accounts where email='$email'";
$row = mysqli_fetch_array(mysqli_query($con,$result),MYSQLI_ASSOC);
$row['id']=$id;
$Sql_Query = mysqli_query($con,"UPDATE profile SET name= '$name', bio = '$bio' WHERE id = '$id'");
if(mysqli_query($con,$Sql_Query)){
echo 'Record Updated Successfully';
}
else{
echo 'Something went wrong, whether id is not present or something else'.mysqli_error($con);
}
}else
{
echo 'missing parameters';
}
error
You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '1' at line 1
Any help will be deeply appreciated
1 answers
solution1
3 ACCPTED 2018-08-03 17:50:44
(See the edit near the bottom).
What happened here is that you executed the same query twice for the UPDATE and the error that you should be getting is a "1". (This before the edit ).
Change your
$Sql_Query = mysqli_query($con,"UPDATE profile SET name= '$name', bio = '$bio' WHERE id = '$id'");
// ^^^^^^^^^^^^^^^^^
if(mysqli_query($con,$Sql_Query)){
// ^^^^^^^^^^^^^^^^^
echo 'Record Updated Successfully';
}
to just
if($Sql_Query){
echo 'Record Updated Successfully';
}
and use a prepared statement to help against an SQL injection.
- https://en.wikipedia.org/wiki/Prepared_statement (General information).
- http://php.net/manual/en/mysqli.prepare.php (MySQLi_).
- http://php.net/manual/en/pdo.prepared-statements.php (PDO).
As per your edit where you added:
You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '1' at line 1
...which is what I suspected and posted in a comment earlier.
By the way; those @ characters are error suppressors and should be removed during development.
Using PHP's error reporting would help to a certain extent, but not for those @'ed variables for the POST arrays should there be anything wrong for them.
Edit:
As stated in a comment given by IncredibleHat , this line:
$row['id']=$id;
is reversed and should be written as:
$id = $row['id'];
The id is to be assigned "to" the row and not the other way around.
I failed to see that, my bad. Good catch on that.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.