Error using variable inside UPDATE query, why?











up vote
-1
down vote

favorite












I have this code to update my record and to check if there's any value on the respective input. But it's not even updating my record, and i got this error when i click on submit:




Fatal error: Uncaught PDOException: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '? = ':title', ? = ':keywords' WHERE title = ?'




if(isset($_POST["updateBTN"])){    



  $insert_data = array(

    'keywords'         => $_POST['keywords'],

    'img'              => $_POST['img'],

    'widht'            => $_POST['widht'],

    'status'           => $_POST['status'],

    'name'             => $_POST['name'],

    'height'           => $_POST['height']

  );

    $sets="";



    foreach ($insert_data as $column => $value) {



        if ($value!=""){



            $sets .= $column." = '".$column."', ";



        }

    }

     $sets = rtrim($sets, ', ');



     $query = "UPDATE table SET $sets WHERE title = :title";

     $stmt = $conn->prepare($query);

     $stmt->execute($insert_data);



}


html:



<form  method="post">

<div>

    <input type="text" name="title"> 

    <span data-placeholder="Title"></span>          

</div>

<div>

    <input type="text" name="keywords"> 

    <span data-placeholder="keywords"></span>          

</div>

<div>

    <input type="text" name="img"> 

    <span data-placeholder="img"></span>          

</div>

.

.

.

<button type="submit" name="updateBTN">Send</button>

</form>





php sql if-statement foreach sql-update







share|improve this question




















  • 1




    are you sure that you give right output of var_dump()?
    – Artem Ilchenko
    Nov 22 at 15:35










  • echo your $query and check if that's the output you are looking for
    – Ruub
    Nov 22 at 15:36










  • When you are building your SQL, any string values need to inside quotes (something like $sets .= $column." = '".$column."', ";) but I would also recommend using prepared statements instead.
    – Nigel Ren
    Nov 22 at 15:38










  • $query = "UPDATE table SET $sets WHERE title = :title"; ... you need bind the parameter $query ->bindParam(':title', $title);
    – Juan Carlos Oropeza
    Nov 22 at 16:11












  • @JuanCarlosOropeza I don't think so, since i'm using a array instead of binding. I tryed anyways and nothing changed.
    – 515948453225
    Nov 22 at 16:22















up vote
-1
down vote

favorite












I have this code to update my record and to check if there's any value on the respective input. But it's not even updating my record, and i got this error when i click on submit:




Fatal error: Uncaught PDOException: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '? = ':title', ? = ':keywords' WHERE title = ?'




if(isset($_POST["updateBTN"])){    



  $insert_data = array(

    'keywords'         => $_POST['keywords'],

    'img'              => $_POST['img'],

    'widht'            => $_POST['widht'],

    'status'           => $_POST['status'],

    'name'             => $_POST['name'],

    'height'           => $_POST['height']

  );

    $sets="";



    foreach ($insert_data as $column => $value) {



        if ($value!=""){



            $sets .= $column." = '".$column."', ";



        }

    }

     $sets = rtrim($sets, ', ');



     $query = "UPDATE table SET $sets WHERE title = :title";

     $stmt = $conn->prepare($query);

     $stmt->execute($insert_data);



}


html:



<form  method="post">

<div>

    <input type="text" name="title"> 

    <span data-placeholder="Title"></span>          

</div>

<div>

    <input type="text" name="keywords"> 

    <span data-placeholder="keywords"></span>          

</div>

<div>

    <input type="text" name="img"> 

    <span data-placeholder="img"></span>          

</div>

.

.

.

<button type="submit" name="updateBTN">Send</button>

</form>





php sql if-statement foreach sql-update







share|improve this question




















  • 1




    are you sure that you give right output of var_dump()?
    – Artem Ilchenko
    Nov 22 at 15:35










  • echo your $query and check if that's the output you are looking for
    – Ruub
    Nov 22 at 15:36










  • When you are building your SQL, any string values need to inside quotes (something like $sets .= $column." = '".$column."', ";) but I would also recommend using prepared statements instead.
    – Nigel Ren
    Nov 22 at 15:38










  • $query = "UPDATE table SET $sets WHERE title = :title"; ... you need bind the parameter $query ->bindParam(':title', $title);
    – Juan Carlos Oropeza
    Nov 22 at 16:11












  • @JuanCarlosOropeza I don't think so, since i'm using a array instead of binding. I tryed anyways and nothing changed.
    – 515948453225
    Nov 22 at 16:22













up vote
-1
down vote

favorite









up vote
-1
down vote

favorite











I have this code to update my record and to check if there's any value on the respective input. But it's not even updating my record, and i got this error when i click on submit:




Fatal error: Uncaught PDOException: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '? = ':title', ? = ':keywords' WHERE title = ?'




if(isset($_POST["updateBTN"])){    



  $insert_data = array(

    'keywords'         => $_POST['keywords'],

    'img'              => $_POST['img'],

    'widht'            => $_POST['widht'],

    'status'           => $_POST['status'],

    'name'             => $_POST['name'],

    'height'           => $_POST['height']

  );

    $sets="";



    foreach ($insert_data as $column => $value) {



        if ($value!=""){



            $sets .= $column." = '".$column."', ";



        }

    }

     $sets = rtrim($sets, ', ');



     $query = "UPDATE table SET $sets WHERE title = :title";

     $stmt = $conn->prepare($query);

     $stmt->execute($insert_data);



}


html:



<form  method="post">

<div>

    <input type="text" name="title"> 

    <span data-placeholder="Title"></span>          

</div>

<div>

    <input type="text" name="keywords"> 

    <span data-placeholder="keywords"></span>          

</div>

<div>

    <input type="text" name="img"> 

    <span data-placeholder="img"></span>          

</div>

.

.

.

<button type="submit" name="updateBTN">Send</button>

</form>





php sql if-statement foreach sql-update







share|improve this question















I have this code to update my record and to check if there's any value on the respective input. But it's not even updating my record, and i got this error when i click on submit:




Fatal error: Uncaught PDOException: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '? = ':title', ? = ':keywords' WHERE title = ?'




if(isset($_POST["updateBTN"])){    



  $insert_data = array(

    'keywords'         => $_POST['keywords'],

    'img'              => $_POST['img'],

    'widht'            => $_POST['widht'],

    'status'           => $_POST['status'],

    'name'             => $_POST['name'],

    'height'           => $_POST['height']

  );

    $sets="";



    foreach ($insert_data as $column => $value) {



        if ($value!=""){



            $sets .= $column." = '".$column."', ";



        }

    }

     $sets = rtrim($sets, ', ');



     $query = "UPDATE table SET $sets WHERE title = :title";

     $stmt = $conn->prepare($query);

     $stmt->execute($insert_data);



}


html:



<form  method="post">

<div>

    <input type="text" name="title"> 

    <span data-placeholder="Title"></span>          

</div>

<div>

    <input type="text" name="keywords"> 

    <span data-placeholder="keywords"></span>          

</div>

<div>

    <input type="text" name="img"> 

    <span data-placeholder="img"></span>          

</div>

.

.

.

<button type="submit" name="updateBTN">Send</button>

</form>





php sql if-statement foreach sql-update




php sql if-statement foreach sql-update






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Nov 22 at 15:44

























asked Nov 22 at 15:31









515948453225

448




448








  • 1




    are you sure that you give right output of var_dump()?
    – Artem Ilchenko
    Nov 22 at 15:35










  • echo your $query and check if that's the output you are looking for
    – Ruub
    Nov 22 at 15:36










  • When you are building your SQL, any string values need to inside quotes (something like $sets .= $column." = '".$column."', ";) but I would also recommend using prepared statements instead.
    – Nigel Ren
    Nov 22 at 15:38










  • $query = "UPDATE table SET $sets WHERE title = :title"; ... you need bind the parameter $query ->bindParam(':title', $title);
    – Juan Carlos Oropeza
    Nov 22 at 16:11












  • @JuanCarlosOropeza I don't think so, since i'm using a array instead of binding. I tryed anyways and nothing changed.
    – 515948453225
    Nov 22 at 16:22














  • 1




    are you sure that you give right output of var_dump()?
    – Artem Ilchenko
    Nov 22 at 15:35










  • echo your $query and check if that's the output you are looking for
    – Ruub
    Nov 22 at 15:36










  • When you are building your SQL, any string values need to inside quotes (something like $sets .= $column." = '".$column."', ";) but I would also recommend using prepared statements instead.
    – Nigel Ren
    Nov 22 at 15:38










  • $query = "UPDATE table SET $sets WHERE title = :title"; ... you need bind the parameter $query ->bindParam(':title', $title);
    – Juan Carlos Oropeza
    Nov 22 at 16:11












  • @JuanCarlosOropeza I don't think so, since i'm using a array instead of binding. I tryed anyways and nothing changed.
    – 515948453225
    Nov 22 at 16:22








1




1




are you sure that you give right output of var_dump()?
– Artem Ilchenko
Nov 22 at 15:35




are you sure that you give right output of var_dump()?
– Artem Ilchenko
Nov 22 at 15:35












echo your $query and check if that's the output you are looking for
– Ruub
Nov 22 at 15:36




echo your $query and check if that's the output you are looking for
– Ruub
Nov 22 at 15:36












When you are building your SQL, any string values need to inside quotes (something like $sets .= $column." = '".$column."', ";) but I would also recommend using prepared statements instead.
– Nigel Ren
Nov 22 at 15:38




When you are building your SQL, any string values need to inside quotes (something like $sets .= $column." = '".$column."', ";) but I would also recommend using prepared statements instead.
– Nigel Ren
Nov 22 at 15:38












$query = "UPDATE table SET $sets WHERE title = :title"; ... you need bind the parameter $query ->bindParam(':title', $title);
– Juan Carlos Oropeza
Nov 22 at 16:11






$query = "UPDATE table SET $sets WHERE title = :title"; ... you need bind the parameter $query ->bindParam(':title', $title);
– Juan Carlos Oropeza
Nov 22 at 16:11














@JuanCarlosOropeza I don't think so, since i'm using a array instead of binding. I tryed anyways and nothing changed.
– 515948453225
Nov 22 at 16:22




@JuanCarlosOropeza I don't think so, since i'm using a array instead of binding. I tryed anyways and nothing changed.
– 515948453225
Nov 22 at 16:22












1 Answer
1






active

oldest

votes

















up vote
0
down vote














  • "Widht" looks like it's spelt wrong. Is that the actual column name?

  • What does print_r($sets); show you?


  • $column values should ideally be encased in backticks

  • I hope you're cleaning that $_POST data!!!

  • Your error states "the right syntax to use near '? = ':title', ? = ':keywords' WHERE title = ?'" which implies the error comes before the first ?. Therefore, review the $sets string output from the bullet above.


And last but not least:




  • You REALLY SHOULD use the correct method for updating tables with PDO.






share|improve this answer





















    Your Answer






    StackExchange.ifUsing("editor", function () {
    StackExchange.using("externalEditor", function () {
    StackExchange.using("snippets", function () {
    StackExchange.snippets.init();
    });
    });
    }, "code-snippets");

    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "1"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53434173%2ferror-using-variable-inside-update-query-why%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes








    up vote
    0
    down vote














    • "Widht" looks like it's spelt wrong. Is that the actual column name?

    • What does print_r($sets); show you?


    • $column values should ideally be encased in backticks

    • I hope you're cleaning that $_POST data!!!

    • Your error states "the right syntax to use near '? = ':title', ? = ':keywords' WHERE title = ?'" which implies the error comes before the first ?. Therefore, review the $sets string output from the bullet above.


    And last but not least:




    • You REALLY SHOULD use the correct method for updating tables with PDO.






    share|improve this answer

























      up vote
      0
      down vote














      • "Widht" looks like it's spelt wrong. Is that the actual column name?

      • What does print_r($sets); show you?


      • $column values should ideally be encased in backticks

      • I hope you're cleaning that $_POST data!!!

      • Your error states "the right syntax to use near '? = ':title', ? = ':keywords' WHERE title = ?'" which implies the error comes before the first ?. Therefore, review the $sets string output from the bullet above.


      And last but not least:




      • You REALLY SHOULD use the correct method for updating tables with PDO.






      share|improve this answer























        up vote
        0
        down vote










        up vote
        0
        down vote










        • "Widht" looks like it's spelt wrong. Is that the actual column name?

        • What does print_r($sets); show you?


        • $column values should ideally be encased in backticks

        • I hope you're cleaning that $_POST data!!!

        • Your error states "the right syntax to use near '? = ':title', ? = ':keywords' WHERE title = ?'" which implies the error comes before the first ?. Therefore, review the $sets string output from the bullet above.


        And last but not least:




        • You REALLY SHOULD use the correct method for updating tables with PDO.






        share|improve this answer













        • "Widht" looks like it's spelt wrong. Is that the actual column name?

        • What does print_r($sets); show you?


        • $column values should ideally be encased in backticks

        • I hope you're cleaning that $_POST data!!!

        • Your error states "the right syntax to use near '? = ':title', ? = ':keywords' WHERE title = ?'" which implies the error comes before the first ?. Therefore, review the $sets string output from the bullet above.


        And last but not least:




        • You REALLY SHOULD use the correct method for updating tables with PDO.







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Nov 22 at 16:31









        Martin

        12.3k53478




        12.3k53478






























            draft saved

            draft discarded




















































            Thanks for contributing an answer to Stack Overflow!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.





            Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


            Please pay close attention to the following guidance:


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53434173%2ferror-using-variable-inside-update-query-why%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            -

            Popular posts from this blog

            Trompette piccolo

            Image
            Ne doit pas être confondu avec trompette de poche. Trompette piccolo en si bémol, avec des branches d'embouchure différentes pour le si bémol (la plus courte) ou la (la plus longue) Trompette piccolo La trompette piccolo est la plus petite de la famille des trompettes. Elle joue une octave plus haut que la trompette standard en si bémol. La plupart des trompettes piccolo sont conçues pour jouer dans les deux tonalités de si bémol ou la, en utilisant une branche d'embouchure différente pour chaque tonalité. Le tube de la trompette piccolo en si bémol a une longueur moitié de celle de la trompette normale en si bémol. Des trompettes piccolo en sol, fa, ut sont également fabriquées, mais elles sont rares. La trompette soprano en ré, aussi connu comme la « trompette Bach », a été inventée vers 1890 par le facteur belge Victor-Charles Mahillon pour jouer les parties hautes de la trompette dans la musique de Bach et Haendel. La trompette piccolo moderne permet aux
            Read more

            Slow SSRS Report in dynamic grouping and multiple parameters

            Image
            0 I have developed a report which has 5 dynamic row groups from where users can choose in parameter selection. The report has 12 parameters so that user can get required information as per their parameter choice. Each parameter has multi value selection option with numerous lists of values (example: Customer parameter has 35,000 values and Item parameter has 2,500 values). Now, the report takes huge time to load parameter values as well as slow in preview (although, server resource is adequate). I am looking for a solution to improve the parameter selection performance without reducing the number of parameter and dynamic grouping sql-server reporting-services ssrs-2012 share | improve this question
            Read more

            Simon Yates (cyclisme)

            Image
            Pour les articles homonymes, voir Simon Yates et Yates. Simon Yates.mw-parser-output .entete.cyclisme{background-image:url("//upload.wikimedia.org/wikipedia/commons/thumb/8/86/Cycling_%28road%29_pictogram.svg/45px-Cycling_%28road%29_pictogram.svg.png")} Simon Yates lors du Tour d'Alberta 2014 Informations Naissance 7 août 1992 (26 ans) Bury Nationalité Britannique Équipe actuelle Mitchelton-Scott Spécialités Grimpeur, cyclisme sur piste Équipes amateurs 2013 100% Me Équipes professionnelles 01.2014-06.2016 [ n 1 ] Orica-GreenEDGE 07.2016-12.2016 [ n 2 ] Orica-BikeExchange 2017 Orica-Scott 2018- Mitchelton-Scott Principales victoires 1 classement mondial UCI World Tour 2018 1 titre mondial Champion du monde de course aux points (2013) 1 grand tour Tour d'Espagne 2018 2 classements annexes de grands tours Classement du meilleur jeune Tour de France 2017 Classement du combiné Tour d'
            Read more