-3

i've a problem in below code that when i try to update this fields, due to like, school, schoolyr field my query doesn't work & the else section executes, but when i remove this 3 from the query it works fine.please help me, thx in advance and the php & html code is below :-

php :-

if(isset($_POST['nametb']) && isset($_POST['usernametb']) && isset($_POST['emailtb']) && isset($_POST['confirmtb']) && isset($_POST['abouttb']) && isset($_POST['interesttb']) && isset($_POST['dreamtb']) && isset($_POST['liketb']) && isset($_POST['schooltb']) && isset($_POST['schoolyrtb']) && isset($_POST['occupationtb']) && isset($_POST['occupationyrtb']) && isset($_POST['passwordstb']))
            {

                $nametb = $_POST['nametb'];
                $usernametb = $_POST['usernametb'];
                $emailtb = $_POST['emailtb'];
                $confirmtb = $_POST['confirmtb'];
                $abouttb = $_POST['abouttb'];
                $interesttb = $_POST['interesttb'];
                $dreamtb = $_POST['dreamtb'];
                $liketb = $_POST['liketb'];
                $schooltb = $_POST['schooltb'];
                $schoolyrtb = $_POST['schoolyrtb'];
                $occupationtb = $_POST['occupationtb'];
                $occupationyrtb = $_POST['occupationyrtb'];
                $passwordtb = $_POST['passwordstb'];
                $passwordstb = md5($passwordtb);            

                if(!empty($nametb) && !empty($usernametb)){

                    if(!empty($passwordtb)){

                        $password_get = "SELECT id from user_login WHERE password='$passwordstb'";

                        if($password_get_run = @mysql_query($password_get)){

                            if(mysql_num_rows($password_get_run) > 0){          

                                if(($emailtb != '' && $confirmtb != '-') || ($emailtb != '-' && $confirmtb != '-')){

                                    if($emailtb == $confirmtb){

                                        if(preg_match("/^[A-Z0-9._%-]+@[A-Z0-9][A-Z0-9.-]{0,61}[A-Z0-9]\.[A-Z]{2,6}$/i", $emailtb)){

                                            $query = "UPDATE user_info SET `name`='$nametb', `username`='$usernametb', `email`='$emailtb', `about`='$abouttb', `interest`='$interesttb', `dream`='$dreamtb', `like`='$liketb', `school`='$schooltb', `schoolyr`='$schoolyrtb', `occupation`='$occupationtb', `occupationyr`='$occupationyrtb' WHERE id='$user_id'";

                                            if($query_run = @mysql_query($query)){

                                                echo 'info successfully updated';
                                            }
                                            else{

                                                echo 'Failiure in updating info';
                                            }

html :- 

<form action="<?php if(isset($current_file)){ echo $current_file; } ?>" method="POST">

<fieldset id="fieldset1">

<legend style="font-family: Ubuntu; font-size:20px;">Info</legend>

<label id="name" title="Name" for="textbox1">Name :</label>

<label id="username" title="UserName" for="textbox2">UserName :</label>

<label id="email" title="Email" for="textbox3">Email :</label>

<label id="confirm" title="Confirm Email" for="textbox4">Confirm :</label>

<br />

<input type="text" id="textbox1" name="nametb" value="<?php if(isset($namedb)){ echo $namedb; } ?>" />

<input type="text" id="textbox2" name="usernametb" value="<?php if(isset($usernamedb)){ echo $usernamedb; } ?>" />

<input type="text" id="textbox3" name="emailtb" value="<?php if(isset($emaildb)){ echo $emaildb; } ?>" />

<input type="text" id="textbox4" name="confirmtb" value="<?php if(isset($confirmdb)){ echo $confirmdb; } ?>" />

<br /><br />

<div id="hrln"><hr /></div>

<label id="about" title="About you" for="textarea1">About :</label>

<label id="interest" title="You are interested in?" for="textarea2">Interested in :</label>

<br />

<textarea id="textarea1" name="abouttb"><?php if(isset($aboutdb)){ echo $aboutdb; } ?></textarea>

<textarea id="textarea2" name="interesttb"><?php if(isset($interestdb)){ echo $interestdb; } ?></textarea>

<br /><br /><br /><br /><br /><hr />

<label id="dream" title="Your Dream?" for="textarea3">Dream :</label>

<label id="like" title="What do you like?" for="textarea4">You like :</label>

<br />

<textarea id="textarea3" name="dreamtb"><?php if(isset($dreamdb)){ echo $dreamdb; } ?></textarea>

<textarea id="textarea4" name="liketb"><?php if(isset($likedb)){ echo $likedb; } ?></textarea>

<br /><br /><br /><br /><br /><hr />

<label id="education" title="Your school" for="textbox5">School | University :</label>

<label id="educationyr" title="Year" for="textbox6">Year :</label>

<br />

<input type="text" name="schooltb" id="textbox5" value="<?php if(isset($schooldb)){ echo $schooldb; } ?>" />

<input type="text" name="schoolyrtb" id="textbox6" value="<?php if(isset($schoolyrdb)){ echo $schoolyrdb; } ?>" />

<br /><br /><hr />

<label id="occupation" title="Occupation" for="textbox7">Occupation :</label>

<label id="occupationyr" title="Year" for="textbox6">Year :</label>

<br />

<input type="text" id="textbox7" name="occupationtb" value="<?php if(isset($occupationdb)){ echo $occupationdb; } ?>" />

<input type="text" id="textbox8" name="occupationyrtb" value="<?php if(isset($occupationyrdb)){ echo $occupationyrdb; } ?>" />

<br /><br /><hr />

<label id="passwords" title="For Security Purpose" for="textbox9">Password :</label>

<input type="password" id="textbox9" name="passwordstb" />

<input type="submit" value="Save Info Modification" name="save" id="button1" />

<input type="submit" value="Cancel Info Modification" name="cancel" id="button2" />

</fieldset>

</form>
thkala
  • 84,049
  • 23
  • 157
  • 201
Krishna Sarswat
  • 17
  • 6

2 Answers2

3

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'like='hey there', school='-', schoolyr='-', occupation='Chitchat CEO', occupatio' at line 1

Then your second SQL error is that you used a reserved SQL keyword as column name. You need to quote such with backticks:

 SELECT ...   `like` = '$var'

Again, note the backticks.

If you don't know which column names might be special names, then it's safest to quote them all. (Not a generic advise, but for newcomers.)

mario
  • 144,265
  • 20
  • 237
  • 291
  • it still shows this error, i've tried in phmyadmin:- #1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''name'='Krishna Sarswat', 'username'='krushed18', 'email'='krushed18@gmail.com',' at line 1 – Krishna Sarswat Dec 03 '11 at 13:41
  • Please note that I said **backticks**, not single quotes. http://stackoverflow.com/questions/261455/using-backticks-around-field-names -or- http://www.google.com/search?q=backticks -or- http://dev.mysql.com/doc/refman/5.0/en/identifiers.html – mario Dec 03 '11 at 13:44
  • [What are the differences between backtick and single quote? Can I use IF statement in a query as above?](http://stackoverflow.com/questions/2122721/what-are-the-differences-between-backtick-and-single-quote-can-i-use-if-stateme) – mario Dec 03 '11 at 13:47
  • after adding backticks it's showing this error :- #1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '"UPDATE `user_info` SET `name`=jbjkkj', `username`='usernametb', `email`='emailt' at line 1 – Krishna Sarswat Dec 03 '11 at 13:53
  • Update your question with current code ***and*** raw *and* complete error message. Don't comment spam. – mario Dec 03 '11 at 13:58
  • Thanks everyone who tried to help me, especially you @mario i just added backticks and it worked thanks once, and sorry for irritating you people.... – Krishna Sarswat Dec 03 '11 at 14:17
2

You are missing a comma between '$schoolyrtb' and occupation: , schoolyr='$schoolyrtb' occupation='$occupationtb'.

But you can also find these sorts of errors by using 

    else{
       echo 'Failiure in updating info, error: ' . mysql_error();
    }
mario
  • 144,265
  • 20
  • 237
  • 291
Patrick
  • 113
  • 2
  • 6