Devil0s Devil0s - 7 months ago 23
PHP Question

mysql UPDATE command error

I don't know what I am doing wrong. Could anyone help me please.

function updateSerie($id, $serie, $description, $seasons, $genre, $avatar) {
include("connect.php");
$sql = "UPDATE Series SET Serie=\'".$serie."\', Description=\'".$description."\', Seasons=".$seasons.", Genre=\'".$genre."\', AvatarLink=\'".$avatar."\' WHERE SerieID=".$id;
if (!mysqli_query($mysqlConnection,$sql)) {
die('Error: '. mysqli_error($mysqlConnection));
}
}

Answer
$sql = "UPDATE Series SET Serie='".$mysqlConnection->real_escape_string($serie)."', Description='".$mysqlConnection->real_escape_string($description)."', Seasons='".$mysqlConnection->real_escape_string($seasons)."', Genre='".$mysqlConnection->real_escape_string($genre)."', AvatarLink='".$mysqlConnection->real_escape_string($avatar)."' WHERE SerieID='".$mysqlConnection->real_escape_string($id)."'";

Why do you escape here? without these useless backslashes it should work (and don't forget mysqli_real_escape_string()!)