I'm trying to make an Arduino program and php web to comunicate Arduino with server. But, in a .php file, i get his error and I don't know how to fix it.
The error says: Error updating record: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'WHERE id=1' at line 1
<?php
$rele = $_POST['rele'];
$modo = $_POST['modo'];
// Datos personales de la base de datos
$name = "cl60-32";
$pass = "alu32";
$server = "localhost";
$dates = "cl60-32";
$conn = new mysqli($server, $name, $pass, $dates);
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error); }
$update_sql="UPDATE ACTUADORES SET rele=".$rele.", modo=".$modo." WHERE id=1";
if ($conn->query($update_sql) === TRUE) {
echo "Valores actualizados";
} else {
echo "Error updating record: " . $conn->error;
}
$conn->close();
?>
I know this is not what OP needs but here is a version using PDO:
$conn = new PDO("mysql:host=$server;dbname=$dates", $name, $pass);
// set the PDO error mode to exception
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$insertCh = $conn->prepare("UPDATE sd_posted_waoodk SET rele = :rele, modo = :modo WHERE id = '1' ");
$insertCh->bindParam(':rele', $rele, PDO::PARAM_STR);
$insertCh->bindParam(':modo', $modo, PDO::PARAM_STR);
$res = $insertCh->execute();
if($res)
echo "Valores actualizados";
} else {
echo "Error updating record";
}
Prepared statements are better against SQL injection, that is why one should use them.
Happy coding.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.