-1
<?php 
            if(isset($_POST['update'])){
                
        $children_id = $_POST['children_id'];
        $parent_id = $_POST['parent_id'];
        $child_name= $_POST['child_name'];
        $dob = $_POST['dob'];
        $age = $_POST['age'];
        $gender= $_POST['gender'];
        $race = $_POST['race'];
        $religion = $_POST['religion'];
        $certificate_of_birth = $_POST['certificate_of_birth'];
        $citizen = $_POST['citizen'];
        $num_sibling = $_POST['num_sibling'];
        
                    
            
            $sql = "UPDATE children SET 
            $children_id = $_POST['children_id'];
            $parent_id = $_POST['parent_id'];
            $child_name= $_POST['child_name'];
            $dob = $_POST['dob'];
            $age = $_POST['age'];
            $gender= $_POST['gender'];
            $race = $_POST['race'];
            $religion = $_POST['religion'];
            $certificate_of_birth = $_POST['certificate_of_birth'];
            $citizen = $_POST['citizen'];
            $num_sibling = $_POST['num_sibling'];
            
            WHERE children='$children_id'";

            if ($conn->query($sql) === TRUE) {
                echo "<div class='alert alert-success' role='success'>
          Record Updated Successfully!
        </div>";
            } else {
                echo "<div class='alert alert-danger' role='alert'>
          Error Updating !" . $conn->error . "</div>"  ;
            }
        }
}
?>
CBroe
  • 91,630
  • 14
  • 92
  • 150
syafiqah suhailah
  • 1
  • 1
  • 3
  • Please quote the full, exact error message. – CBroe Jul 14 '20 at 10:15
  • Parse error: syntax error, unexpected '' (T_ENCAPSED_AND_WHITESPACE), expecting '-' or identifier (T_STRING) or variable (T_VARIABLE) or number (T_NUM_STRING) – syafiqah suhailah Jul 14 '20 at 10:19
  • https://stackoverflow.com/questions/18050071/php-parse-syntax-errors-and-how-to-solve-them – CBroe Jul 14 '20 at 10:20
  • 1
    Does this answer your question? [PHP parse/syntax errors; and how to solve them](https://stackoverflow.com/questions/18050071/php-parse-syntax-errors-and-how-to-solve-them) – theminer3746 Jul 14 '20 at 10:41
  • Also - you shouldn't have the `;`'s in the UPDATE, you need a `,` when you have more fields to set (not on the last one). Also not sure why you use `$children_id` on the left of `$children_id = $_POST['children_id'];`. – Nigel Ren Jul 14 '20 at 10:44

1 Answers1

0

When you're trying to use array variable within your string it should be wrapped by curly brackets, like:

$sql = "UPDATE children SET 
$children_id = {$_POST['children_id']};
$parent_id = {$_POST['parent_id']};
$child_name= {$_POST['child_name']};
$dob = {$_POST['dob']};
$age ={$_POST['age']};
$gender= {$_POST['gender']};
$race = {$_POST['race']};
$religion = {$_POST['religion']};
$certificate_of_birth = {$_POST['certificate_of_birth']};
$citizen = {$_POST['citizen']};
$num_sibling = {$_POST['num_sibling']};

On the quite another hand, passing data directly from the request, without any validation to SQL query sounds like trouble, because of the possibility of SQL injection.

biesior
  • 55,576
  • 10
  • 125
  • 182