Help | Site Map
Connecting Tech Pros Worldwide
bytes > groups > PHP
 
 
LinkBack Thread Tools
  #1  
Old September 5th, 2008, 10:05 PM
stanman
Guest
  
Posts: n/a
Default syntax error, unexpected T_VARIABLE
I have been trying to get past this error all day. I am unable to
determine why I get syntax error from the following code:

//modify a record
$myDataID = mysql_query("UPDATE members SET first_name = $name_update
WHERE email = $targetEmail", $connectID);

Can someone tell me what is wrong with this.
Thank You
Gerald Stanley
  #2  
Old September 5th, 2008, 10:15 PM
Captain Paralytic
Guest
  
Posts: n/a
Default Re: syntax error, unexpected T_VARIABLE
On Sep 5, 10:02*pm, stanman <GStanle...@gmail.comwrote:
Quote:
I have been trying to get past this error all day. I am unable to
determine why I get syntax error from the following code:
>
//modify a record
$myDataID = mysql_query("UPDATE members SET first_name = $name_update
WHERE email = $targetEmail", $connectID);
>
Can someone tell me what is wrong with this.
Thank You
Gerald Stanley
Please post a few lines before this and also the full error message.
  #3  
Old September 6th, 2008, 12:05 AM
FutureShock
Guest
  
Posts: n/a
Default Re: syntax error, unexpected T_VARIABLE
stanman wrote:
Quote:
I have been trying to get past this error all day. I am unable to
determine why I get syntax error from the following code:
>
//modify a record
$myDataID = mysql_query("UPDATE members SET first_name = $name_update
WHERE email = $targetEmail", $connectID);
>
Can someone tell me what is wrong with this.
Thank You
Gerald Stanley
You may try:

$myDataID = mysql_query("UPDATE members SET first_name = '$name_update'
WHERE email = '$targetEmail'", $connectID);

scotty
  #4  
Old September 8th, 2008, 03:35 AM
AqD
Guest
  
Posts: n/a
Default Re: syntax error, unexpected T_VARIABLE
stanman wrote:
Quote:
I have been trying to get past this error all day. I am unable to
determine why I get syntax error from the following code:
>
//modify a record
$myDataID = mysql_query("UPDATE members SET first_name = $name_update
WHERE email = $targetEmail", $connectID);
>
Can someone tell me what is wrong with this.
It's off-topic, but you should try to escape the string inputs, or
avoid combining inputs to query completely by using parameterized
queries.

A simple version is "UPDATE members SET first_name = '" .
mysql_escape_string($name_update) . "' WHERE email = '" .
mysql_escape_string($targetEmail) . "'"

You would also need to make sure the client encoding is correct.

If you're using PHP5, you can use parameterized queries in mysqli or
PDO
  #5  
Old September 8th, 2008, 04:15 AM
Jerry Stuckle
Guest
  
Posts: n/a
Default Re: syntax error, unexpected T_VARIABLE
AqD wrote:
Quote:
stanman wrote:
Quote:
>I have been trying to get past this error all day. I am unable to
>determine why I get syntax error from the following code:
>>
>//modify a record
>$myDataID = mysql_query("UPDATE members SET first_name = $name_update
>WHERE email = $targetEmail", $connectID);
>>
>Can someone tell me what is wrong with this.
>
It's off-topic, but you should try to escape the string inputs, or
avoid combining inputs to query completely by using parameterized
queries.
>
A simple version is "UPDATE members SET first_name = '" .
mysql_escape_string($name_update) . "' WHERE email = '" .
mysql_escape_string($targetEmail) . "'"
>
You would also need to make sure the client encoding is correct.
>
If you're using PHP5, you can use parameterized queries in mysqli or
PDO
>
Properly constructed statements work quite well without parameterized
queries.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================
  #6  
Old September 8th, 2008, 11:25 AM
Curtis
Guest
  
Posts: n/a
Default Re: syntax error, unexpected T_VARIABLE
AqD wrote:
Quote:
stanman wrote:
Quote:
>I have been trying to get past this error all day. I am unable to
>determine why I get syntax error from the following code:
>>
>//modify a record
>$myDataID = mysql_query("UPDATE members SET first_name = $name_update
>WHERE email = $targetEmail", $connectID);
>>
>Can someone tell me what is wrong with this.
>
It's off-topic, but you should try to escape the string inputs, or
avoid combining inputs to query completely by using parameterized
queries.
>
A simple version is "UPDATE members SET first_name = '" .
mysql_escape_string($name_update) . "' WHERE email = '" .
mysql_escape_string($targetEmail) . "'"
>
You would also need to make sure the client encoding is correct.
Use mysql_real_escape_string for this.
Quote:
If you're using PHP5, you can use parameterized queries in mysqli or
PDO
--
Curtis
 

Bookmarks

« Previous Thread | Next Thread »
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are Off
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

What is Bytes?

We are a network of experts and professionals in IT and software development that help one another with answers to tough questions and share insights. Get the best answers to your questions from over network members.
Post your question now . . .
It's fast and it's free

Popular Articles
Quick Browse:
Communities / Archives
XML / CSS | HTML | Javascript | PHP | Perl | Visual Basic | Python | C++ / C | Java | .NET / C# / VB / XML / ASP.net | ASP
PostgreSQL | MS SQL | Oracle | IBM DB2 | MS Access | MySQL

About Bytes | Sitemap | Privacy Policy | Terms of Use
Copyright 1995-2008 Bytes.com. All rights Reserved