Got a query like that:
UPDATE trails SET route = '$route', distance = '$distance', desc = '$description' WHERE route='$route'
It's returning this error:
Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'desc = 'Bla bla bla' WHERE route='London to Dublin'' at line 1
Thanks!.
first :
escape your variables like that
$route = mysqli_real_escape_string ($route ) ; // if you are using mysqli
$route = mysql_real_escape_string ($route ) ; // if you are using mysql
and so on .. with other variables
and try this :
UPDATE trails SET route = '".$route."', distance = '".$distance."', `desc` = '".$description."' WHERE route='".$route."'
obs : desc is reserved keyword for mysql , so use other word or make backticks for it.
[This is not the correct answer.] You should escape your strings before passing them to the query.
See here: http://php.net/manual/en/mysqli.real-escape-string.php or here if your are using the old deprecated functions http://php.net/manual/en/function.mysql-real-escape-string.php
DESC is a reserved keyword. Quote it using back ticks:
UPDATE trails SET route = '...', distance = '...', `desc` = '...' WHERE route = '...'
By the way, you have more serious problems in your code. SQL injection for example.
Try this
mysql_query("UPDATE trails SET `route` = '".mysql_real_escape_string($route)."', `distance` = '".mysql_real_escape_string($distance)."', `desc` = '".mysql_real_escape_string($description)."' WHERE route='".mysql_real_escape_string($route)."'");