Drickuss Merguez Drickuss Merguez - 1 year ago 57
PHP Question

update data in existing row in mysql database

I have a table called pack_details with 4 columns. I'm trying to insert new data into an existing table. Can somebody tell me what's wrong with my codes and why i have a parse error?

$sql_query = "UPDATE pack_details SET $delivery_date = $_POST["delivery_date"], $delivery_time = $_POST["delivery_time"]
WHERE $delivery_building = $_POST["delivery_building"]
AND $delivery_room = $_POST["delivery_room"]";

Answer Source

Try any from below options:

 $sql_query = "UPDATE pack_details SET $delivery_date = $_POST['delivery_date'], $delivery_time = $_POST['delivery_time'] WHERE $delivery_building = $_POST['delivery_building'] AND $delivery_room = $_POST['delivery_room']";

or

 $sql_query = "UPDATE pack_details SET $delivery_date = ".$_POST["delivery_date"].", $delivery_time = ".$_POST["delivery_time"]." WHERE $delivery_building = ".$_POST["delivery_building"]." AND $delivery_room = ".$_POST["delivery_room"]";

Or

 $sql_query = "UPDATE pack_details SET $delivery_date = $_POST[\"delivery_date\"], $delivery_time = $_POST[\"delivery_time\"] WHERE $delivery_building = $_POST[\"delivery_building\"] AND $delivery_room = $_POST[\"delivery_room\"]";

Note: If field name doesn't contain $, remove $ from field name in query. For eg. "$delivery_date" should be "delivery_date"

Suggestion: Instead of using string concatenation for building, You should use bind parameters to pass value to query. It helps to prevent SQL injection as well as code look well.

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download