---- Jason Pruim <[EMAIL PROTECTED]> wrote: > No political undertones in this one I promise! :) > > Attempting to setup a prepared statement in php that will update a > record in a mysql database using mysqli > > Here is the relevant code: > $stmt = mysqli_stmt_init($link); > mysqli_stmt_prepare($stmt, "UPDATE purl.schreur (FName, LName, email, > phone, record, subscribed, date, IPAddress, Business, Address1, City, > State, Zip, Coffee, Meeting, areaPlans) VALUES > (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)"); > > mysqli_stmt_bind_param($stmt, 'ssssssssssssssssss', > $_POST['txtFName'], $_POST['txtLName'], $_POST['txtEmail'], > $_POST['txtPhone'], $_POST['txturl'], $_POST['record'], > $_POST['subscribed'],$date, $_SERVER['REMOTE_ADDR'], > $_POST['txtBusiness'], $_POST['txtAddress1'], $_POST['txtCity'], > $_POST['txtState'], $_POST['txtZip'], $_POST['rdoCoffee'], > $_POST['rdoTime'], $_POST['areaPlans']) ;//or die(mysqli_error($link)); > echo "<BR>Dump of stmt:<BR>"; > > mysqli_stmt_execute($stmt) or die(mysqli_error($link)); > > Here is my error message: > > You have an error in your SQL syntax; check the manual that > corresponds to your MySQL server version for the right syntax to use > near '(FName, LName, email, phone, record, subscribed, date, > IPAddress, Business, Addr' at line 1 > > Now I may just be being dense but I can't figure out the problem... > Migraines are not helping right now though.... > > Can anyone see my stupid mistake? :)
OK, you asked for it... You aren't checking your stuff before dumping it. None of it... So, you should be taking the post variables and slapping them into a checker. Then, your statement should be more along the lines of: mysqli_stmt_bind_param($stmt, 'ssssssssssssssssss','$txtFName','$txtLName','$txtEmail','$txtPhone','$txturl','$record','$subscribed',$date, '$REMOTE_ADDR','$txtBusiness','$txtAddress1','$txtCity','$txtState','$txtZip','$rdoCoffee','$rdoTime','$areaPlans') ; HTH, Wolf -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
