Forgive me if this already exists, but I didn’t see anything close enough to my issue to offer any kind of solution or path toward solving.
My Query:
$sql = "UPDATE users SET FirstName=$fname WHERE id=$id";
$fname does equal Jason. But it should be changing the sql field FirstName to “Jason”. Instead, it is trying to find a field named Jason. I have tried hardcoding in “Jason”, but then it says that there is an unexpected string. Hardcoding it in would actually cause issues as the data needs to be a variable so the user can change to their First Name to whatever they want. I have echo’d $id and that value is coming across correctly. My code is in php.
Long time reader of stackoverflow.com, first time poster. If there is any additional code or info that might be helpful, please let me know.
EDIT: I had not realized that variables also need to be within quotes. I assumed the quotes were specifically for hardcoded strings. Placing $fname within single quotes as ‘$fname’ solved it. Thank you, everyone!!!
Advertisement
Answer
Use single quotations:
$sql = "UPDATE users SET FirstName='$fname' WHERE id=$id";
Be sure about securing your SQL query; if the $fname
‘s value is dynamic, then you must escape special characters using mysqli_real_escape_string to avoid a very dangerous vulnerability SQL Injection
.