0

Just got an error after fixing my code, please consider that the userID in the database is all set to '0'!

Outprint:

userID: '23' itemID: '8204'

UPDATE booking SET userID ='23' WHERE itemID ='8204'

(Error:) Could not update data: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '1' at line 1

UPDATED PHP code second time:

<?php
$con = mysql_connect("localhost", "root", "") OR die(' Could not connect');
$db = mysql_select_db('book1', $con);
if (isset($_GET["userID"]) && isset($_GET["itemID"])){
$userID= (int)$_GET["userID"];
$itemID= (int)$_GET["itemID"];
$test = "userID: '$userID'  itemID: '$itemID'";
echo $test;
echo "<br>";
}
if (!$con) {
    die('Could not connect: '.mysql_error());
}

echo("UPDATE booking SET userID ='$userID' WHERE itemID ='$itemID'"); 
echo "<br>";
$upd = mysql_query("UPDATE booking SET userID ='$userID' WHERE itemID ='$itemID'");

$retval = mysql_query($upd, $con);
if(!$retval){
    die('Could not update data: '.mysql_error());
}
echo "Updated data successfully\n";

$sql = mysql_query("SELECT * FROM booking");
if($sql === FALSE) {
        die(mysql_error());
    }

echo '<table class="fixed">
    <tr> 
        <th>itemID</th> 
        <th>EMPLOYEE ID</th>
    </tr>';
while($row = mysql_fetch_array($sql)) {
    echo "<tr>";
    echo"<td>".$row['itemID']."</td>";
    echo"<td>".$row['userID']."</td>";
    echo "</tr>";
}

?>

Snoken
  • 103
  • 1
  • 11

3 Answers3

3

Variable interpolation doesn't work with single quotes. Change

mysql_query('UPDATE booking SET userID ="$userID" WHERE itemID ="$itemID"');

to

mysql_query("UPDATE booking SET userID ='$userID' WHERE itemID ='$itemID'");

But please note that this code is vulnerable to SQL injections. See this topic how to prevent it: How can I prevent SQL injection in PHP?

Community
  • 1
  • 1
Gergo Erdosi
  • 40,904
  • 21
  • 118
  • 94
  • It didn't fix the error either. Yeah I will start use PDO after I get this fuction to work correct. – Snoken Jun 18 '14 at 10:34
  • @user3751216 Do you have `$userID` and `$itemID` set? In your code they are not defined. Add `$userID = $_GET["userID"]` and `$itemID = $_GET["itemID"]` before calling update. – Gergo Erdosi Jun 18 '14 at 10:36
0

If you want to show the data by user id then you will change the code---

Change this line from

$sql = mysql_query(" SELECT * FROM booking WHERE 1");

to 

$sql = mysql_query(" SELECT * FROM booking WHERE 'userID' = '1'");

Or if you want to show the data by item id then you will change the code ----

$sql = mysql_query(" SELECT * FROM booking WHERE 'itemID' = '1'");
Akhi
  • 167
  • 1
  • 2
  • 12
  • I want to UPDATE the database so the userID will be imported to the database under the same variable as the itemID – Snoken Jun 18 '14 at 10:44
0

Make sure you are getting the $userid and $itemid perfectly.

Then have a look at the $upd variable. You are already running mysql_query. Change $upd to,

$upd = "UPDATE booking SET userID ='$userID' WHERE itemID ='$itemID'";

Then the condition,

$retval = mysql_query($upd, $con);
if(!$retval){
    die('Could not update data: '.mysql_error());
} else {
    ....
}

It may fix your error.

dipak_pusti
  • 1,645
  • 2
  • 23
  • 42