trouble with update

ckir5951 · April 9, 2014, 4:55am

Hi, please take a look at my code and advise what’s wrong. Following is an error message pertaining to the code that follows:

Update query failed: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ‘WHERE acctno=‘xxx-xxx-xxxx’’ at line 5

following is the php document code

[code]

[/code] [php]<?php // error_reporting(0); error_reporting(E_ALL ^ E_NOTICE); mysql_connect('localhost','root','my_password'); mysql_select_db('homedb') or die( "Unable to select database"); if(!empty($_POST["submit"])) { $acctno = $_POST['acctno']; $query="SELECT * FROM oocust Where acctno='$acctno'"; $result=mysql_query($query); if(mysql_num_rows($result)) { echo date('m/d/y'); echo "Invoice Payment :

"; while($row = mysql_fetch_assoc($result)) { echo ""; } echo "

amounts
check# acct# Name Descr Paid Due Date Paid pd

"; } else{echo "invalid entry for account# $acctno.
Select another?
";} } if(!empty($_POST["update"])) { $sql = "UPDATE oocust SET amtdue = '" . mysql_real_escape_string($_POST['amtdue']) . "', datepaid = '" . mysql_real_escape_string($_POST['datepaid']) . "', pd = '" . mysql_real_escape_string($_POST['pd']) . "', WHERE acctno='".$_POST["acctno"]."'"; mysql_query($sql) or die("Update query failed: " . mysql_error()); echo "Record for acct# ".$_POST["acctno"]." has been updated"; } ?>[/php] [code]

[/code]

following is the payment.js - the if statement doesn’t work ?
----------------------------------------------------

benanamen · April 9, 2014, 12:29pm

Remove the quotes

$query=“SELECT * FROM oocust Where acctno=’$acctno’”;

More importantly, you are useing obsolete Mysql code. You need to use PDO or Mysqli with Parameterized Queries