Ошибка запроса У вас есть ошибка в синтаксисе SQL; проверьте руководство, которое соответствует вашей версии сервера MariaDB для правильного синтаксиса

У меня проблема с обновлением контента в базе данных. ошибка:

Запрос не выполнен У вас есть ошибка в синтаксисе SQL; проверить
руководство, которое соответствует вашей версии сервера MariaDB для права
синтаксис для использования рядом с ‘post_content =’ kjgljkkjhklj ‘, post_image =
‘45739895_2381062595269282_8123898’ в строке 1

это весь мой код:

if (isset($_GET['p_id'])) {
$the_post_id = $_GET['p_id'];
}

$query = "SELECT * FROM posts WHERE post_id = $the_post_id";
$select_posts_by_id = mysqli_query($connection, $query);

while ($row = mysqli_fetch_assoc($select_posts_by_id)) {
$post_id = $row['post_id'];
$post_author = $row['post_author'];
$post_title = $row['post_title'];
$post_category_id = $row['post_category_id'];
$post_status = $row['post_status'];
$post_image = $row['post_image'];
$post_content = $row['post_content'];
$post_tags = $row['post_tags'];
$post_comment = $row['post_comment_count'];
$post_date = $row['post_date'];
}


// if update post button is clicked
if (isset($_POST['update_post'])) {

$post_author = $_POST['post_author'];
$post_title = $_POST['post_title'];
$post_category_id = $_POST['post_category'];
$post_status = $_POST['post_status'];
$post_image = $_FILES['image']['name'];
$post_image_temp = $_FILES['image']['tmp_name'];
$post_content = $_POST['post_content'];
$post_tags = $_POST['post_tags'];


move_uploaded_file($post_image_temp, "../images/{$post_image}");

if (empty($post_image)) {
$query = "SELECT * FROM posts WHERE post_id = $the_post_id ";

}

$query = "UPDATE posts SET ";
$query .= "post_title = '{$post_title}', ";
$query .= "post_category_id = '{$post_category_id}', ";
$query .= "post_date = now(), ";
$query .= "post_author = '{$post_author}', ";
$query .= "post_status = '{$post_status}', ";
$query .= "post_tags = '{$post_tags}' ";
$query .= "post_content = '{$post_content}', ";
$query .= "post_image = '{$post_image}' ";
$query .= "WHERE post_id = {$the_post_id}"; // this is from the get request


$update_post = mysqli_query($connection, $query);

confirmQuery($update_post);

}

это форма ниже:

<form action="" method="POST" enctype="multipart/form-data">

<div class="form-group">
<label for="title">Post Title</label>
<input value="<?php echo $post_title; ?>" type="text" name="post_title" class="form-control" required="true">
</div>

<div class="form-group">
<label for="post_category">Post Categories</label>
<select name="post_category" id="" class="form-control form-control-md">
<?php
$query = "SELECT * FROM categories";
$select_categories = mysqli_query($connection, $query);

confirmQuery($select_categories); // this is from functions.php

while ($row = mysqli_fetch_assoc($select_categories)) {
$cat_id = $row['cat_id'];
$cat_title = $row['cat_title'];

echo "<option value='{$cat_id}'>{$cat_title}</option>";
}
?>
</select>
</div>

<div class="form-group">
<label for="author">Post Author</label>
<input value="<?php echo $post_author; ?>" type="text" name="post_author" class="form-control" required="true">
</div>

<div class="form-group">
<label for="post_status">Post Status</label>
<input value="<?php echo $post_status; ?>" type="text" name="post_status" class="form-control" required="true">
</div>

<div class="form-group">
<label for="image">Post Image</label>
<img width="100px" src="../images/<?php echo $post_image; ?>">
<input type="file" name="image" required="true">
</div>

<div class="form-group">
<label for="post_tags">Post Tags</label>
<input value="<?php echo $post_tags; ?>" type="text" name="post_tags" class="form-control" required="true">
</div>

<div class="form-group">
<label for="post_content">Post Content</label>
<textarea name="post_content" class="form-control" id="" cols="30" rows="10" required="true">
<?php echo $post_content; ?>
</textarea>
</div>

<div class="form-group">
<input type="submit" name="update_post" class="btn btn-primary" value="Update Post">
</div>
</form>

0

Решение

FWIW, мне легче читать:

$query = "UPDATE posts
SET post_title = '$post_title'
, post_category_id = '$post_category_id'
, post_date = now()
, post_author = '$post_author'
, post_status = '$post_status'
, post_tags = '$post_tags'
, post_content = '$post_content'
, post_image = '$post_image'
WHERE post_id = $the_post_id;
";

…но также важно заменить эти строки на правильно параметризованный запрос

0

Другие решения

Других решений пока нет …

По вопросам рекламы ammmcru@yandex.ru
Adblock
detector