WHERE usage in MariaDB
im getting this message when im trying to update the records of my database:
"You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'WHERE id = 1' at line 1"
this is how WHERE is used: $query = "UPDATE users SET "; $query .= "username = '$username', "; $query .= "password = '$password', "; $query .= "WHERE id = $id";
updating the records by selecting the id column.
Im not familiar with SQL nor MariaDB. I'm a newbie.
how am I supposed to use WHERE in MariaDB ?
Answer Answered by Brian Evans in this comment.
Please do not build queries like this. It is error prone and unsafe. Instead use prepared statements. This looks to be PHP so you should do something like
$pdo = new \PDO($connection_string) $query = "UPDATE users SET username = ?, password = ? WHERE id = ?"; $stmt = $pdo->prepare($query); $stmt->execute(array($username, $password, $id));
This code is safe from injections and easily shows the query. When you did it your way, you added an extra comma which was not as easily seen.