0

Hello, I made a PM system but the thing that makes it read isn't working. Can you take a look at it anybody?

$postid = $_GET['postid'];
mysql_query("UPDATE pm SET read=1 where id=$postid") or die(mysql_error());

And it gives this error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'read=1' at line 1

3
Contributors
3
Replies
4
Views
6 Years
Discussion Span
Last Post by balle
0

If you still want to use 'read' as a fieldname, backtick it:

UPDATE pm SET `read`=1 where id=$postid

I would do some simple validation and sanitizing on your post vars too. Although it's come from a form, forms and headers can be spoofed.

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.