Comments - MariaDB server version for the right syntax to use near 'WHERE id =1'
Content reproduced on this site is the property of its respective owners,
and this content is not reviewed in advance by MariaDB. The views, information and opinions
expressed by this content do not necessarily represent those of MariaDB or any other party.
You should probably use a prepared statement instead of combining values into a string. That's a classic case for SQL injection to occur. Here's a short example of how you could add this into the code: