Member Avatar for nadiam

I am trying to update data but i get this error.

Uncaught exception 'PDOException' with message 'SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ' username = 'test1', email = 'test1@gmail.com', phone = '012365478'' at line 1' in page.php:16

php:

<?php
    $thename = $_POST['name'];
    $theusername = $_POST['username'];
    $emailaddress = $_POST['email'];
    $phonenumber = $_POST['phone'];
    $status = "Decline";

    require "connection.php";

    $decline = $dbh->prepare("UPDATE users SET status = ? WHERE name = ?, username = ?, email = ?, phone = ?");
    $decline->bindParam(1, $status, PDO::PARAM_STR);
    $decline->bindParam(2, $thename, PDO::PARAM_STR);
    $decline->bindParam(3, $theusername, PDO::PARAM_STR);
    $decline->bindParam(4, $emailaddress, PDO::PARAM_STR);
    $decline->bindParam(5, $phonenumber, PDO::PARAM_STR);
    $decline->execute();    
?>

is it because its a string? i've come to realize when it comes to strings its not so straighforward.

  • 4 Contributors
  • 5 Replies
  • 266 Views
  • 4 Days Discussion Span
  • Latest Post Latest Post by nadiam

Recommended Answers

All 5 Replies

Member Avatar for Gideon_1

Yes I agree with pritaeas, using mysql keywords as raw text renders your sql statement invalid. For my personal preference I usually like using column names nested in back ticks. Try this.

$decline = $dbh->prepare("UPDATE users SET `status` = ? WHERE `name` = ?, `username` = ?, `email` = ?, `phone` = ?");
Edited by pritaeas because: Added backticks.
Member Avatar for nadiam

thank you. i added the backticks but im still getting the same error except now there are backticks on username, email and phone. I am actually using $.ajax to pass the data would that factor in the error?

X-Requested-With:XMLHttpRequest
Form Data
view source
view URL encoded
name:Test Two
username:test2
email:test2@gmail.com
phone:0125478963

just incase:

$("#declineRequest").on("click", function(){

    var full = $("#name").val();
    var username = $("#user").val();
    var emailaddress = $("#emailaddress").val();
    var phonenumber = $("#number").val();

    $.ajax({
        type: "POST",
        url: "declineRequest.php",
        data: "name="+full+"&username="+username+"&email="+emailaddress+"&phone="+phonenumber,
        success:  function(data){
            alert("Request Declined!");
         }
     });
});
Member Avatar for pixelsoul

I am actually using $.ajax to pass the data would that factor in the error?

Nope, it's a SQL error you're getting.
You have to separate multiple WHERE conditions with the AND operator.

UPDATE users SET `status` = ? WHERE `name` = ? AND `username` = ? AND `email` = ? AND `phone` = ?
Member Avatar for nadiam

thank you!

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.