Trying to update a record in MySQL via php form submission, but I keep recieving the error:
Error updating record: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'SET phone='3609992399', address='123 Test Lane', city='Battle Gr' at line 4
if (isset($_POST['submit'])) {
$first_name = $_POST['first_name'];
$last_name = $_POST['last_name'];
$email = $_POST['email'];
$phone = $_POST['phone'];
$address = $_POST['address'];
$city = $_POST['city'];
$state = $_POST['state'];
$zipcode = $_POST['zipcode'];
$mysqli = new mysqli($DB_HOST, $DB_USER, $DB_PASS, $DB_NAME);
if ($mysqli->connect_errno) {
echo "<p>MySQL error no {$mysqli->connect_errno} : {$mysqli->connect_error}</p>";
exit();
} else {
$updateUser = "UPDATE users SET first_name='{$first_name}', last_name='{$last_name}', email='{$email}', phone='{$phone}', address='{$address}', city='{$city}', state='{$state}', zipcode='{$zipcode}' WHERE vendorid='{$user['vendorid']}'";
if ($mysqli->query($updateUser) === TRUE) {
echo "Record updated successfully";
} else {
echo "Error updating record: " . $mysqli->error;
}
}
$mysqli->close();
}
Ive checked documentation on 5.5 and everything looks proper. Any clues?
You did not read the documentation very well.
Using SET multiple times is incorrect. Change it to:
UPDATE users SET
first_name='{$first_name}',
last_name='{$last_name}',
email='{$email}',
phone='{$phone}',
address='{$address}',
city='{$city}',
state='{$state}',
zipcode='{$zipcode}'
WHERE
vendorid='{$user['vendorid']}'
From the documentation, second line:
UPDATE [LOW_PRIORITY] [IGNORE] table_reference
SET col_name1={expr1|DEFAULT} [, col_name2={expr2|DEFAULT}] ...
[WHERE where_condition]
[ORDER BY ...]
[LIMIT row_count]
You should also educate yourself about security. Putting data directly from the browser in your SQL is not a good idea.