The error thrown:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1
The relevant code:
$update = mysqli_real_escape_string($connection, $update);
// $update = '10'; $id = '4'
$sql = "UPDATE tasks SET `shortDesc` = '".$update."' WHERE `id`=".$id;
if (mysqli_query($connection, $sql) === TRUE) {
echo 1;
} else {
echo mysqli_error($connection);
}
I was not able to locate any similar error on the forum that would be of help. Why is it working but throws an error?
The code you posted should not cause an error, given, that the parameter $id is never empty. Actually looking at your error message and your query, this could be the only error produced, because if both variables are empty, you will have:
UPDATE tasks SET `shortDesc` = '' WHERE `id`=
This will fail, because there is no value for id. Since MySQL has not problem with numbers in quotes, this should eliminate the error message:
$sql = "UPDATE tasks SET `shortDesc` = '".$update."' WHERE `id`='".$id."'";
You can optimize this for better reading:
$sql = "UPDATE tasks SET `shortDesc` = '$update' WHERE `id`='$id'";
Now if the variables are empty the query still does not become invalid.
Since this is or was the only source of error in your code, i reckon something is missing in your listing, or your code was called twice with missing parameters?
For quality assurance you should check $update and $id for validity before using them anyhow. at least make sure they are not empty, since then you can spare the call.