Search code examples
phpmysql-error-1064

MySQL Error 1064: You have an error in your SQL syntax .. near line 1?

I am working on a MySQL & PHP project. It is based on a Music Database. I am getting the following error when I go to http://andrewb1.sgedu.site/editgenres.php:

Error: SQL Error: 
Errno: 1064
Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1

I'm a bit confused how I am getting an error on Line 1 as the only thing there is the open php tag

The code for the editgenres.php is:

<?php

include 'dbconnect.php';

$sql = "select * from Genres where GenreID = " . $_REQUEST['GenreID'];
if (!$result = $mysqli->query($sql)) {
    echo "Error: SQL Error: </br>";
    echo "Errno: " . $mysqli->errno . "</br>";
    echo "Error: " . $mysqli->error . "</br>";

    exit;
}

$row = $result->fetch_assoc();

?>

<form action="editgenressrv.php">
<input type="hidden" name="GenreID" value = "<?php echo $row["GenreID"]?>"/> 
GenreID:<input type="text" name="GenreID" value="<?php echo $row["GenreID"]?>"/></br>
GenreName:<input type="text" name="GenreName" value="<?php echo $row["GenreName"]?>"/></br>
<input type="submit"/>
</form>

Also, if needed here is the code for EditGenresSrv.php: 

include 'dbconnect.php';

$sql = "update Genres set ";
$sql .= "GenreID = '" . $_REQUEST["firstname"] ."'," ;
$sql .= "GenreName = '" . $_REQUEST["lastname"] ."'," ;
$sql .= "where GenreID= " . $_REQUEST['GenreID']; 
if (!$result = $mysqli->query($sql)) {
    echo "Error: SQL Error: </br>";
    echo "Errno: " . $mysqli->errno . "</br>";
    echo "Error: " . $mysqli->error . "</br>";

    exit;
}
?>
<script>
window.location='genres.php';
</script>

If needed, here is dbconnect.php (although I've already tested it and its fine): 

include 'dbconnect.php';

$sql = "insert into students (firstname,lastname,email) values (" . 
  "'" . $_REQUEST["GenreID"] ."','" .
  $_REQUEST["GenreName"] . "' ";

if (!$result = $mysqli->query($sql)) {
    echo "Error: SQL Error: </br>";
    echo "Errno: " . $mysqli->errno . "</br>";
    echo "Error: " . $mysqli->error . "</br>";

    exit;
}
?>
<script>
window.location='genres.php';
</script>

Here is the HTM file:

<form action="addgenressrv.php">
GenreID:<input type="text" name="GenreID"/></br>
GenreName:<input type="text" name="GenreName"/></br>

<input type="submit"/>
</form>
Solution

  • Be carefull with the comma before where.

    $sql = "update Genres set ";
$sql .= "GenreID = '" . $_REQUEST["firstname"] ."'," ;
$sql .= "GenreName = '" . $_REQUEST["lastname"] ."' " ;
$sql .= "where GenreID= " . $_REQUEST['GenreID'];