473,416 Members | 1,784 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > php > questions > trying to updating a column through php and mysql

Join Bytes to post your question to a community of 473,416 software developers and data experts.

Trying to updating a column through php and mysql

1 Bit
Hello, so I'm trying to update a column (carID) in a table called users
but I'm getting the following error:
"syntax error, unexpected double-quote mark, expecting "-" or identifier or variable or number"

Can you help me figure out what's the problem in the code?

Expand|Select|Wrap|Line Numbers
  1. if($_SERVER["REQUEST_METHOD"] == "POST"){
  2.   $ID=mysqli_real_escape_string($con, $_GET['ID']);
  3. if(isset($_POST["rentit"])){
  4.  $sql="UPDATE users SET carID = '$ID' WHERE username = $_SESSION["username"] ";
  5. }}
Thanks A Lot!
Jan 18 '21 #1
3 3833
Niheel
2,460 Expert Mod 2GB
the $_SESSION["username"] variable needs quotes in the SQL statement

original
Expand|Select|Wrap|Line Numbers
  1. $sql="UPDATE users SET carID = '$ID' WHERE username = $_SESSION["username"] ";
fix
Expand|Select|Wrap|Line Numbers
  1. $sql="UPDATE users SET carID = '$ID' WHERE username = '".$_SESSION["username"]."' ";
Jan 19 '21 #2
The explanation you are providing is really great.
Jan 19 '21 #3
bakertaylor28
45 32bit
This code has two big problems-
First you should always be using prepared statements to prevent SQL injection. The second, is that it is easier to avoid using
a session variable directly in SQL- it is better to set regular var to Session Var:

Expand|Select|Wrap|Line Numbers
  1. <?php
  2. session_start();
  3. if ( !isset ($_POST['carid'] )) {
  4. exit('please input a carid');
  5. }
  6. $username = $_SESSION['username'];
  7. $carid = $_POST['carid'];
  8.  
  9. $host='database host';
  10. $user ='database user';
  11. $pass = 'database pass';
  12. $dbname = 'database name';
  13.  
  14. $con = mysqli_connect($host, $user, $pass, $dbname);
  15. $stmt = $con->prepare('UPDATE users SET carid= ? WHERE username= ?');
  16. $stmt->bind_param('ss', $carid, $username);
  17. $stmt->execute(); 
  18. $stmt->close();
  19. $con->close();
  20. ?>
  21.  
This is unnecessary:
Expand|Select|Wrap|Line Numbers
  1. if($_SERVER["REQUEST_METHOD"] == "POST") {
  2.  
  3. }
  4.  
because form data will ALWAYS use post if we use this in html (And therefore we don't need to check for POST method) :

Expand|Select|Wrap|Line Numbers
  1. <form action="/foo.php"  method="post">
  2.  
Mar 2 '21 #4

Sign in to post your reply or Sign up for a free account.

Similar topics

0
Trying to install MySQL on Win98
by: MySQL | last post by:
Hi, I downloaded MySQL 3.23.57 for Windows as I wish to learn MySQL locally and then use the one I already have installed on my UNIX server. I ran setup and rebooted but the WinMySQLadmin program...
MySQL Database
0
trying to install mysql on redhat
by: Mark88 | last post by:
I get the following error screen when I try to install mysql on redhat: ----------------------------------------------------------------------- # rpm -i MySQL-server-4.1.4-0.i386.rpm warning:...
MySQL Database
5
Updating Column Data on the Fly?
by: erikthenomad | last post by:
Hey...newbie question: I've got three columns in my database, the third of which is blank right now, and I need it to equal the value of column one minus column two. While I can accomplish this...
Microsoft SQL Server
3
Problems trying to get MySQL to work from PHP script
by: Martin | last post by:
I'm having trouble getting a new PHP/MySQl installation to work. Windows XP Pro, IIS 5.1, PHP 5.1.1, MySQL 5.0.16, ISAPI This is a new computer. The whole setup is for development use only -...
MySQL Database
1
Updating Column Descriptions (Comments)
by: Brett Magill | last post by:
Hello all, Looking for some help here. BTW, to e-mail me directly, should you prefer, take the *nomail*. out the reply address. I uploaded data from another program ( GNU R-2.2.0 @...
MySQL Database
1
Trying to build mysql from source
by: smatta | last post by:
I have downloaded mysql 5.0.18 source code and would like to run on Fedora Core 4. It seems like the compilation succeeded. I am not sure of what to do after the rpmbuild though. I did a...
MySQL Database
2
pulling mulitple selection listboxes into a PHP array for updating a MySQL DB with
by: julie18881 | last post by:
I may be being really stupid here, i have spent the last 3 hours looking round your site and some other for answers to my problem, but have not had much luck (possibly cuase my brain just isn't...
PHP
0
Trying to install mysql lib for python
by: tedpottel | last post by:
Hi How do I install mysql db libray for python? I went to source forg and downloaded the following zip folder MySQL_python-1.2.2-py2.4-win32 I open the folder and looked inside did not see any...
Python
11
AutumnsDecay
Updating a MySQL table value through HREF link
by: AutumnsDecay | last post by:
Hey everyone. I have been writing a testimonials backend for a client who wishes to use the feature. How it is supposed to work is like this: The user writes a testimonial of their experience...
PHP
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General
0
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new...
Microsoft Access / VBA

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!