php - 1064 error, Not sure what the issue is

905

I keep getting this error when submitting. I have checked my form 10x and I cannot figure out what is wrong with it.

Here is the error

SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE order_num = '5293528'' at line 1

Here is the form code

public function next()
 {
    try
    {

        if(isset($_POST['giventoatpdate']))
        {
            $update = trim($_POST['update']);
            $orders = $_SESSION['order_nums'];
            $st=$this->db->prepare("INSERT INTO `orders` (giventoatpdate) VALUES (:upd) WHERE order_num = :orderr");
            $st->bindparam(":upd", $update);
            $st->bindparam(":orderr", $orders);
            $st->execute();
            return $st;

        }

      $order = $_GET['uid'];
      $stmt=$this->db->prepare("SELECT * FROM orders WHERE order_num = :order");
      $stmt->execute(array(":order"=>$order));
      $row=$stmt->fetch(PDO::FETCH_ASSOC);

    if($row['giventoatpdate'] = ' ')
    {
        echo 
        "
        <form name='atpdate' method='POST'>
        Date Sent to clown?
        <br>
        <input type='text' name='update'>
        <br>
        <input type='submit' name='giventoatpdate'>
        </form>
        ";
    }

Everything else is working fine. It gives me this error when I hit submit.

886

Answer

Solution:

Seeing somebody popped in an answer...

It's because INSERT doesn't have a WHERE clause.

Now read the manual http://dev.mysql.com/doc/en/insert.html

INSERT ... ON DUPLICATE KEY UPDATE does.

Or, you may have intended to do an UPDATE. http://dev.mysql.com/doc/en/update.html

Seeing$update = trim($_POST['update']); the operative word being "update" in the POST array, I'm thinking you want to do an UPDATE here rather than an INSERT, since you are dealing with orders taken from your site.

So, you have a few choices here.

If it's an UPDATE, your query would read as:

UPDATE `orders` 
SET giventoatpdate = :upd 
WHERE order_num = :orderr

Check for errors:

Add to the top of your file(s) which will help find errors.

<?php 
error_reporting(E_ALL);
ini_set('display_errors', 1);

// Then the rest of your code

Sidenote: Displaying errors should only be done in staging, and never production.


Footnotes:

Seeingif($row['giventoatpdate'] = ' ') you do realize that this checks for a "space" rather thanif($row['giventoatpdate'] = '') to check if it's "empty".

You're also "assigning" rather than doing a "comparison" here which should read as:

if($row['giventoatpdate'] == '')

If you're checking for empty'ness, then remove the space in there, or you can do

if(empty($row['giventoatpdate']))

References:

201

Answer

Solution:

INSERT doesn't have WHERE operator. You need to change query to something like this:

UPDATE myTable SET my_field = :new_value WHERE my_another_filed = :another_value_or_row_id

People are also looking for solutions to the problem: javascript - Why I get an empty response?

Source

Didn't find the answer?

Our community is visited by hundreds of web development professionals every day. Ask your question and get a quick answer for free.

Ask a Question

Write quick answer

Do you know the answer to this question? Write a quick response to it. With your help, we will make our community stronger.

Similar questions

Find the answer in similar questions on our website.