Error using variable inside UPDATE query, why?











up vote
-1
down vote

favorite












I have this code to update my record and to check if there's any value on the respective input. But it's not even updating my record, and i got this error when i click on submit:




Fatal error: Uncaught PDOException: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '? = ':title', ? = ':keywords' WHERE title = ?'




if(isset($_POST["updateBTN"])){    

$insert_data = array(
'keywords' => $_POST['keywords'],
'img' => $_POST['img'],
'widht' => $_POST['widht'],
'status' => $_POST['status'],
'name' => $_POST['name'],
'height' => $_POST['height']
);
$sets="";

foreach ($insert_data as $column => $value) {

if ($value!=""){

$sets .= $column." = '".$column."', ";

}
}
$sets = rtrim($sets, ', ');

$query = "UPDATE table SET $sets WHERE title = :title";
$stmt = $conn->prepare($query);
$stmt->execute($insert_data);

}


html:



<form  method="post">
<div>
<input type="text" name="title">
<span data-placeholder="Title"></span>
</div>
<div>
<input type="text" name="keywords">
<span data-placeholder="keywords"></span>
</div>
<div>
<input type="text" name="img">
<span data-placeholder="img"></span>
</div>
.
.
.
<button type="submit" name="updateBTN">Send</button>
</form>









share|improve this question




















  • 1




    are you sure that you give right output of var_dump()?
    – Artem Ilchenko
    Nov 22 at 15:35










  • echo your $query and check if that's the output you are looking for
    – Ruub
    Nov 22 at 15:36










  • When you are building your SQL, any string values need to inside quotes (something like $sets .= $column." = '".$column."', ";) but I would also recommend using prepared statements instead.
    – Nigel Ren
    Nov 22 at 15:38










  • $query = "UPDATE table SET $sets WHERE title = :title"; ... you need bind the parameter $query ->bindParam(':title', $title);
    – Juan Carlos Oropeza
    Nov 22 at 16:11












  • @JuanCarlosOropeza I don't think so, since i'm using a array instead of binding. I tryed anyways and nothing changed.
    – 515948453225
    Nov 22 at 16:22















up vote
-1
down vote

favorite












I have this code to update my record and to check if there's any value on the respective input. But it's not even updating my record, and i got this error when i click on submit:




Fatal error: Uncaught PDOException: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '? = ':title', ? = ':keywords' WHERE title = ?'




if(isset($_POST["updateBTN"])){    

$insert_data = array(
'keywords' => $_POST['keywords'],
'img' => $_POST['img'],
'widht' => $_POST['widht'],
'status' => $_POST['status'],
'name' => $_POST['name'],
'height' => $_POST['height']
);
$sets="";

foreach ($insert_data as $column => $value) {

if ($value!=""){

$sets .= $column." = '".$column."', ";

}
}
$sets = rtrim($sets, ', ');

$query = "UPDATE table SET $sets WHERE title = :title";
$stmt = $conn->prepare($query);
$stmt->execute($insert_data);

}


html:



<form  method="post">
<div>
<input type="text" name="title">
<span data-placeholder="Title"></span>
</div>
<div>
<input type="text" name="keywords">
<span data-placeholder="keywords"></span>
</div>
<div>
<input type="text" name="img">
<span data-placeholder="img"></span>
</div>
.
.
.
<button type="submit" name="updateBTN">Send</button>
</form>









share|improve this question




















  • 1




    are you sure that you give right output of var_dump()?
    – Artem Ilchenko
    Nov 22 at 15:35










  • echo your $query and check if that's the output you are looking for
    – Ruub
    Nov 22 at 15:36










  • When you are building your SQL, any string values need to inside quotes (something like $sets .= $column." = '".$column."', ";) but I would also recommend using prepared statements instead.
    – Nigel Ren
    Nov 22 at 15:38










  • $query = "UPDATE table SET $sets WHERE title = :title"; ... you need bind the parameter $query ->bindParam(':title', $title);
    – Juan Carlos Oropeza
    Nov 22 at 16:11












  • @JuanCarlosOropeza I don't think so, since i'm using a array instead of binding. I tryed anyways and nothing changed.
    – 515948453225
    Nov 22 at 16:22













up vote
-1
down vote

favorite









up vote
-1
down vote

favorite











I have this code to update my record and to check if there's any value on the respective input. But it's not even updating my record, and i got this error when i click on submit:




Fatal error: Uncaught PDOException: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '? = ':title', ? = ':keywords' WHERE title = ?'




if(isset($_POST["updateBTN"])){    

$insert_data = array(
'keywords' => $_POST['keywords'],
'img' => $_POST['img'],
'widht' => $_POST['widht'],
'status' => $_POST['status'],
'name' => $_POST['name'],
'height' => $_POST['height']
);
$sets="";

foreach ($insert_data as $column => $value) {

if ($value!=""){

$sets .= $column." = '".$column."', ";

}
}
$sets = rtrim($sets, ', ');

$query = "UPDATE table SET $sets WHERE title = :title";
$stmt = $conn->prepare($query);
$stmt->execute($insert_data);

}


html:



<form  method="post">
<div>
<input type="text" name="title">
<span data-placeholder="Title"></span>
</div>
<div>
<input type="text" name="keywords">
<span data-placeholder="keywords"></span>
</div>
<div>
<input type="text" name="img">
<span data-placeholder="img"></span>
</div>
.
.
.
<button type="submit" name="updateBTN">Send</button>
</form>









share|improve this question















I have this code to update my record and to check if there's any value on the respective input. But it's not even updating my record, and i got this error when i click on submit:




Fatal error: Uncaught PDOException: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '? = ':title', ? = ':keywords' WHERE title = ?'




if(isset($_POST["updateBTN"])){    

$insert_data = array(
'keywords' => $_POST['keywords'],
'img' => $_POST['img'],
'widht' => $_POST['widht'],
'status' => $_POST['status'],
'name' => $_POST['name'],
'height' => $_POST['height']
);
$sets="";

foreach ($insert_data as $column => $value) {

if ($value!=""){

$sets .= $column." = '".$column."', ";

}
}
$sets = rtrim($sets, ', ');

$query = "UPDATE table SET $sets WHERE title = :title";
$stmt = $conn->prepare($query);
$stmt->execute($insert_data);

}


html:



<form  method="post">
<div>
<input type="text" name="title">
<span data-placeholder="Title"></span>
</div>
<div>
<input type="text" name="keywords">
<span data-placeholder="keywords"></span>
</div>
<div>
<input type="text" name="img">
<span data-placeholder="img"></span>
</div>
.
.
.
<button type="submit" name="updateBTN">Send</button>
</form>






php sql if-statement foreach sql-update






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Nov 22 at 15:44

























asked Nov 22 at 15:31









515948453225

448




448








  • 1




    are you sure that you give right output of var_dump()?
    – Artem Ilchenko
    Nov 22 at 15:35










  • echo your $query and check if that's the output you are looking for
    – Ruub
    Nov 22 at 15:36










  • When you are building your SQL, any string values need to inside quotes (something like $sets .= $column." = '".$column."', ";) but I would also recommend using prepared statements instead.
    – Nigel Ren
    Nov 22 at 15:38










  • $query = "UPDATE table SET $sets WHERE title = :title"; ... you need bind the parameter $query ->bindParam(':title', $title);
    – Juan Carlos Oropeza
    Nov 22 at 16:11












  • @JuanCarlosOropeza I don't think so, since i'm using a array instead of binding. I tryed anyways and nothing changed.
    – 515948453225
    Nov 22 at 16:22














  • 1




    are you sure that you give right output of var_dump()?
    – Artem Ilchenko
    Nov 22 at 15:35










  • echo your $query and check if that's the output you are looking for
    – Ruub
    Nov 22 at 15:36










  • When you are building your SQL, any string values need to inside quotes (something like $sets .= $column." = '".$column."', ";) but I would also recommend using prepared statements instead.
    – Nigel Ren
    Nov 22 at 15:38










  • $query = "UPDATE table SET $sets WHERE title = :title"; ... you need bind the parameter $query ->bindParam(':title', $title);
    – Juan Carlos Oropeza
    Nov 22 at 16:11












  • @JuanCarlosOropeza I don't think so, since i'm using a array instead of binding. I tryed anyways and nothing changed.
    – 515948453225
    Nov 22 at 16:22








1




1




are you sure that you give right output of var_dump()?
– Artem Ilchenko
Nov 22 at 15:35




are you sure that you give right output of var_dump()?
– Artem Ilchenko
Nov 22 at 15:35












echo your $query and check if that's the output you are looking for
– Ruub
Nov 22 at 15:36




echo your $query and check if that's the output you are looking for
– Ruub
Nov 22 at 15:36












When you are building your SQL, any string values need to inside quotes (something like $sets .= $column." = '".$column."', ";) but I would also recommend using prepared statements instead.
– Nigel Ren
Nov 22 at 15:38




When you are building your SQL, any string values need to inside quotes (something like $sets .= $column." = '".$column."', ";) but I would also recommend using prepared statements instead.
– Nigel Ren
Nov 22 at 15:38












$query = "UPDATE table SET $sets WHERE title = :title"; ... you need bind the parameter $query ->bindParam(':title', $title);
– Juan Carlos Oropeza
Nov 22 at 16:11






$query = "UPDATE table SET $sets WHERE title = :title"; ... you need bind the parameter $query ->bindParam(':title', $title);
– Juan Carlos Oropeza
Nov 22 at 16:11














@JuanCarlosOropeza I don't think so, since i'm using a array instead of binding. I tryed anyways and nothing changed.
– 515948453225
Nov 22 at 16:22




@JuanCarlosOropeza I don't think so, since i'm using a array instead of binding. I tryed anyways and nothing changed.
– 515948453225
Nov 22 at 16:22












1 Answer
1






active

oldest

votes

















up vote
0
down vote














  • "Widht" looks like it's spelt wrong. Is that the actual column name?

  • What does print_r($sets); show you?


  • $column values should ideally be encased in backticks

  • I hope you're cleaning that $_POST data!!!

  • Your error states "the right syntax to use near '? = ':title', ? = ':keywords' WHERE title = ?'" which implies the error comes before the first ?. Therefore, review the $sets string output from the bullet above.


And last but not least:




  • You REALLY SHOULD use the correct method for updating tables with PDO.






share|improve this answer





















    Your Answer






    StackExchange.ifUsing("editor", function () {
    StackExchange.using("externalEditor", function () {
    StackExchange.using("snippets", function () {
    StackExchange.snippets.init();
    });
    });
    }, "code-snippets");

    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "1"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53434173%2ferror-using-variable-inside-update-query-why%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes








    up vote
    0
    down vote














    • "Widht" looks like it's spelt wrong. Is that the actual column name?

    • What does print_r($sets); show you?


    • $column values should ideally be encased in backticks

    • I hope you're cleaning that $_POST data!!!

    • Your error states "the right syntax to use near '? = ':title', ? = ':keywords' WHERE title = ?'" which implies the error comes before the first ?. Therefore, review the $sets string output from the bullet above.


    And last but not least:




    • You REALLY SHOULD use the correct method for updating tables with PDO.






    share|improve this answer

























      up vote
      0
      down vote














      • "Widht" looks like it's spelt wrong. Is that the actual column name?

      • What does print_r($sets); show you?


      • $column values should ideally be encased in backticks

      • I hope you're cleaning that $_POST data!!!

      • Your error states "the right syntax to use near '? = ':title', ? = ':keywords' WHERE title = ?'" which implies the error comes before the first ?. Therefore, review the $sets string output from the bullet above.


      And last but not least:




      • You REALLY SHOULD use the correct method for updating tables with PDO.






      share|improve this answer























        up vote
        0
        down vote










        up vote
        0
        down vote










        • "Widht" looks like it's spelt wrong. Is that the actual column name?

        • What does print_r($sets); show you?


        • $column values should ideally be encased in backticks

        • I hope you're cleaning that $_POST data!!!

        • Your error states "the right syntax to use near '? = ':title', ? = ':keywords' WHERE title = ?'" which implies the error comes before the first ?. Therefore, review the $sets string output from the bullet above.


        And last but not least:




        • You REALLY SHOULD use the correct method for updating tables with PDO.






        share|improve this answer













        • "Widht" looks like it's spelt wrong. Is that the actual column name?

        • What does print_r($sets); show you?


        • $column values should ideally be encased in backticks

        • I hope you're cleaning that $_POST data!!!

        • Your error states "the right syntax to use near '? = ':title', ? = ':keywords' WHERE title = ?'" which implies the error comes before the first ?. Therefore, review the $sets string output from the bullet above.


        And last but not least:




        • You REALLY SHOULD use the correct method for updating tables with PDO.







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Nov 22 at 16:31









        Martin

        12.3k53478




        12.3k53478






























            draft saved

            draft discarded




















































            Thanks for contributing an answer to Stack Overflow!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.





            Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


            Please pay close attention to the following guidance:


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53434173%2ferror-using-variable-inside-update-query-why%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            Popular posts from this blog

            What visual should I use to simply compare current year value vs last year in Power BI desktop

            How to ignore python UserWarning in pytest?

            Alexandru Averescu