Click here to Skip to main content
15,997,544 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
Hello Everyone,

I have been battling with an issue for the past 24 hours.

Whenever I try to save into an int field.

This is what I did:

<br />
$query = "Update comments Set comment_authorized = 1 Where id = 4";<br />
$result = $pdo->prepare($query);<br />
$result->execute();<br />


This is the error I get:
SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Set comment_authorized = 1 Where (id = 4)' at line 1


This same approach works well when inserting into non-INT columns. I just don't know why this is not working.

I have debugged this and couldn't just figure it out. After-all, this is a very simple basic statement.

Please help.
Posted

1 solution

I eventually got this solved without using binding approach as provided above. Surprisingly, this is exactly what I did, I just gave the interpretation of my script's query in the question I posted.

However, I now sanitized each parameter value before using it in the query like this:

<br />
$id = Security::sanitize($id);<br />
$query = "UPDATE comments SET comment_authorized = 1 WHERE id = $id";<br />
...<br />
 
Share this answer
 

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900