I work'd today on a public profile for my website but I hava problem .
I enter all information but when I press submit I get :
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE id=1' at line 3
Code :
// contact to database
/// connection is OK
//Get data in local variable
$v_name=$_POST['name'];
$v_age=$_POST['age'];
$v_job=$_POST['job'];
$v_interes=$_POST['interes'];
$v_hobbies=$_POST['hobbies'];
$v_family=$_POST['family'];
$v_pub_mail=$_POST['pub_mail'];
$v_profimg=$_POST['profimg'];
$v_about=$_POST['about'];
// check for null values
if ($v_name=="" /*or $v_msg==""*/)
echo "All fields must be entered, hit back button and re-enter information";
else{
$query="insert into user(name,pub_mail,age,job,interes,hobbies,family,about) values ('$v_name','$v_age','$v_job','$v_interes','$v_hobbies','$v_family','$v_pub_mail','$v_profimg','$v_about') WHERE id='$usrid'";
mysql_query($query) or die(mysql_error());
echo "Your profile was updated .";
}
INSERT doesn't have a WHERE clause. If you need to update an existing record then you should be using UPDATE instead.
you should not use WHERE clause with an INSERT.
$query="insert into user(name,pub_mail,age,job,interes,hobbies,family,about) values ('$v_name','$v_age','$v_job','$v_interes','$v_hobbies','$v_family','$v_pub_mail','$v_profimg','$v_about');
I think you want to make an UPDATE instead of an INSERT ...
(you insertion/update is not secure by the way, don't forget to use addslashes)