Update sql database

I’m trying to update the records in a database and it doesn’t seem to work. My code looks like below.


$servername = "info";
$username = "info";
$password = "info";
$dbname = "info";

//Create a Connection
$con = new mysqli($servername,$username,$password,$dbname);

if($con->connect_error) {

die("Connection failed: " . $con->connect_error);


$updateId = $_POST["updatId"];
$updateFname = $_POST["fname"];
$updateLname = $_POST["lname"];

// Attempt update query execution
$sql = "UPDATE my_table
 SET fname='$updateFname', lname='$updateLname', WHERE id='$updateId'";

print "Records updated successfully";

} else {

print "Error: " . $con->error;



It gives me the error code below.
“Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ‘WHERE id=‘65’’ at line 2”

1 Like

Right there. You have a comma which will throw you the error. While I am at it. I recommend using prepared statements. I know this isn’t your original question, but it is recommended.


Another recommendation would be to validate the inputs in $_POST before copying tainted values into fields that you ought to be able to assume are untainted.


This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.