1. Home
  2. Forums Index
  3. Server Side / Databases 9:56 am May 21, 2026

Forum Moderators: open

Message Too Old, No Replies

Error with WHERE syntax

         

sandratampa

4:12 am on Jan 24, 2008 (gmt 0)

10+ Year Member



I'm trying to create a simple contact database. Everything works except the page to update a record. My server (through godaddy.com) has mySQL 4.1 and php 4.3.11

I tried changing the database to 5.0 but it didn't work either.

THIS IS THE CODE FOR MY SUBMISSION PAGE::

<?
session_start();
//check for required form variables
if (!$_POST[id]){
header("Location:http://www.myweb.com/database2/pick_modcontact.php");
exit;
} else {
//if form variables are present,start a session
session_start();
}

//check for validity of user
if ($_SESSION[valid]!= "yes") {
header("Location:http://www.myweb.com/database2/contact_menu.php");
exit;
}

//set up table and database names
include("dbinfo.inc.php");

//connect to server and select database
$connection = @mysql_connect($hostname,$username,$password) or die(mysql_error());

$db = @mysql_select_db($dbname,$connection) or die(mysql_error());

//build and issue query
$sql ="SELECT first, last, homeph, cellph, fax, email, web FROM $usertable WHERE id ='$_POST[id]'";
$result =@mysql_query($sql,$connection)or die(mysql_error());

//get results for display
while ($row =mysql_fetch_array($result)){
$first =$row['first'];
$last =$row['last'];
$homeph =$row['homeph'];
$cellph =$row['cellph'];
$fax =$row['fax'];
$email =$row['email'];
$web =$row['web'];

}
?>
<HTML>
<HEAD>
<TITLE>My Contact Management System:Modify a Contact</TITLE>
</HEAD>
<BODY>
<h1>My Contact Management System</h1>
<h2><em>Modify a Contact</em></h2>

<FORM METHOD="post"ACTION="do_modcontact.php">

<INPUT TYPE="hidden" name="id" value="<? echo "$_POST[id]";?>">

<table cellspacing=3 cellpadding=5>
<tr>
<th>NAME &ADDRESS INFORMATION</th>
<th>OTHER CONTACT/PERSONAL INFORMATION</th>
</tr>
<tr>
<td valign=top>

<P><STRONG>First Name:</STRONG><BR>
<INPUT TYPE="text" NAME="first" VALUE="<? echo "$first";?>" SIZE=35 MAXLENGTH=75></P>

<P><STRONG>Last Name:</STRONG><BR>
<INPUT TYPE="text" NAME="last" VALUE="<? echo "$last";?>" SIZE=35 MAXLENGTH=75></P>

<P><STRONG>Home Phone:</STRONG><BR>
<INPUT TYPE="text" NAME="homeph" VALUE="<? echo "$homeph";?>" SIZE=35 MAXLENGTH=100></P>

<P><STRONG>Mobile Phone:</STRONG><BR>
<INPUT TYPE="text" NAME="cellph" VALUE="<? echo "$cellph";?>" SIZE=35 MAXLENGTH=25></P>

<P><STRONG>fax:</STRONG><BR>
<INPUT TYPE="text" NAME="fax" VALUE="<? echo "$fax";?>" SIZE=35 MAXLENGTH=100></P>
</td>
<td valign=top>
<P><STRONG>Emailr:</STRONG><BR>
<INPUT TYPE="text" NAME="email" VALUE="<? echo "$email";?>" SIZE=35 MAXLENGTH=35></P>

<P><STRONG>Website:</STRONG><BR>
<INPUT TYPE="text" NAME="web" VALUE="<? echo "$web";?>" SIZE=35 MAXLENGTH=35></P>

</td>
</tr>
<tr>
<td align=center colspan=2><br>

<P><INPUT TYPE="SUBMIT" NAME="submit" VALUE="Update Contact Record"></P>
<br>
<p><a href="contact_menu.php">Return to Main Menu</a></p>
</TD>
</TR>
</TABLE>
</FORM>
</BODY>
</HTML>

ON SUBMIT, I GET THIS ERROR:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE id ='_POST[id]'' at line 9

IN CASE IT MATTERS...HERE IS THE LANDING PAGE CODE:

<?
session_start();
//check for required form variables
if ((!$_POST[first]) ¦¦ (!$_POST[last])) {
header("Location:http://www.myweb.com/database2/pick_modcontact.php");
exit;
} else {
//if form variables are present,start a session
session_start();
}
//check for validity of user
if ($_SESSION[valid]!= "yes"){
header("Location:http://www.myweb.com/database2/contact_menu.php");
exit;
}

//set up table and database names
include("dbinfo.inc.php");

//connect to server and select database
$connection = @mysql_connect($hostname,$username,$password) or die(mysql_error());
$db = @mysql_select_db($dbname,$connection) or die(mysql_error());

//build and issue query
$sql ="UPDATE $usertable SET
first ='$_POST[first]',
last ='$_POST[last]',
homeph ='$_POST[homeph]',
cellph ='$_POST[cellph]',
fax ='$_POST[fax]',
email ='$_POST[email]',
web ='$_POST[web]',
WHERE id ='_POST[id]'";

$result = @mysql_query($sql,$connection) or die(mysql_error());
?>
<HTML>
<HEAD>
<TITLE>My Contact Management System:Contact Updated</TITLE>
</HEAD>
<BODY>
<h1>My Contact Management System</h1>
<h2><em>Modify a Contact -Contact Updated</em></h2>

<P>The following information was successfully updated in <? echo "$usertable";?></P>
<table cellspacing=3 cellpadding=5><tr>
<th>NAME & ADDRESS INFORMATION</th>
<th>OTHER CONTACT/PERSONAL INFORMATION</th>
</tr>
<tr>
<td valign=top>
<P><STRONG>First Name:</STRONG><BR>
<? echo "$_POST[first]";?></P>

<P><STRONG>Last Name:</STRONG><BR>
<? echo "$_POST[last]";?></P>

<P><STRONG>Address Line 1:</STRONG><BR>
<? echo "$_POST[homeph]";?></P>

<P><STRONG>Address Line 2:</STRONG><BR>
<? echo "$_POST[cellph]";?></P>

<P><STRONG>Address Line 3:</STRONG><BR>
<? echo "$_POST[fax]";?></P>

<P><STRONG>Zip/Postal Code:</STRONG><BR>
<? echo "$_POST[email]";?></P>

<P><STRONG>web:</STRONG><BR>
<? echo "$_POST[web]";?></P>
</td>
</tr>
<tr>
<td align=center colspan=2><br>
<p><a href="contact_menu.php">Return to Main Menu</a></p>
</TD>
</TR>
</TABLE></BODY>
</HTML>

Any help is appreciated!

phranque

5:35 am on Jan 24, 2008 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



welcome to WebmasterWorld [webmasterworld.com], sandratampa!

in php, variables are not interpolated within single-quoted strings.
try this:

$sql ="SELECT first, last, homeph, cellph, fax, email, web FROM $usertable WHERE id ='" . $_POST[id] . "'";

sandratampa

12:19 pm on Jan 24, 2008 (gmt 0)

10+ Year Member



Thanks for the quick help! I tried the change but it produced a different problem. Instead of seeing the data fields to make the changes (my 'show' page), I got this error:

Parse error: parse error, unexpected T_CONSTANT_ENCAPSED_STRING in /home/content/m/c/r/mcrill/html/database2/show_modcontact.php on line 27

More info, incase this helps...
pick_modcontact.php - i select the record to edit from list
show_modcontact.php - shows me the record data in editable table
do_modcontact.php - i don't get to access this page because of the error:

"You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE id ='_POST[id]'' at line 9"

Now I'm thinking the error is in my second script where the UPDATE SET block is. I copied exactly from the book but my book is PHP5 Fast & East by Julie Meloni.

So, could it be that I need a different language for PHP4?

phranque

12:30 pm on Jan 24, 2008 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



try printing the sql statement so you know what you have:
print $sql;

sandratampa

12:34 pm on Jan 24, 2008 (gmt 0)

10+ Year Member



As a test, I changed this block...

//build and issue query
$sql ="UPDATE $usertable SET
first ='$_POST[first]',
last ='$_POST[last]',
homeph ='$_POST[homeph]',
cellph ='$_POST[cellph]',
fax ='$_POST[fax]',
email ='$_POST[email]',
web ='$_POST[web]',
WHERE id ='_POST[id]'";

To this:

//build and issue query
$sql ="UPDATE $usertable SET first ='$_POST[first]' WHERE id ='_POST[id]'";

On submit, I was able to move to the do_modcontact.php page without the error; however the change was not made in my database.

phranque

12:39 pm on Jan 24, 2008 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



in php, variables are not interpolated within single-quoted strings.
!

not to mention a missing dollar sign for the variable...

$sql ="UPDATE $usertable SET first ='" . $_POST[first] . "' WHERE id ='" . $_POST[id] . "'";
print $sql;

please note that ALL single quotes are within double quotes and ALL variables are outside.

sandratampa

12:42 pm on Jan 24, 2008 (gmt 0)

10+ Year Member



I'm too new :( I'm not sure how to do that... print $sql;

sandratampa

12:46 pm on Jan 24, 2008 (gmt 0)

10+ Year Member



Yeah! That worked. Now, how do I properly add the other fields back in? With comma's?

sandratampa

1:01 pm on Jan 24, 2008 (gmt 0)

10+ Year Member



Thanks so much, I think I got it!

For future newbies, this is what I did...

$sql ="UPDATE $usertable SET first ='" . $_POST[first] . "', last ='" . $_POST[last] . "' WHERE id ='" . $_POST[id] . "'";
print $sql;

typed all on one line.

phranque

1:36 pm on Jan 24, 2008 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



that "print $sql;" is merely for debugging purposes so you can see your query string.
you can remove that when it works.

did you also get the SELECT statement syntax working?

 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Server Side / Databases 9:56 am May 21, 2026