Posted by Jerry Stuckle on 10/24/06 10:14

davek wrote:
> (posted to: php.general, comp.lang.php, alt.php, alt.php.sql)
>
> I have a form where registered users on my site can edit their login
> details. For some reason, the script is inserting an extraneous quote
> mark in the mysql update query that is preventing it from running
> successfully, but I am at a complete loss to understand why.
>
> This is my code:
> $sql = "UPDATE users SET
> username = '{$usr}',
> password = '{$pwd}',
> fullname = '{$_POST['fullname']},
> email = '{$_POST['email']}'
> WHERE userid = '{$usrid}'";
>
> if (@mysql_query($sql)) {
>
> //send email to user confirming changes
>
> } else {
>
> echo "<p>Error updating details: " . mysql_error() . "</p>";
>
> }
>
> This is the error message:
> Error updating details: You have an error in your SQL syntax near
> 'xxxx@xxxx.com' WHERE userid = '15'' at line 4
>
> I have checked that the $usrid variable does not contain the quote
> mark.
>
> Anyone have any bright ideas?
>
> cheers,
>
> d.
>

`password` is a MySQL reserved word.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================

• Next in forum: Re: How do you profit from your applications?
• Prev in forum: strange extra quote mark appearing in mysql query
• Thread view: Re: strange extra quote mark appearing in mysql query

[Reply to this message]