PHP/MySQL Syntax Issues

[pollock77]

I have recurring issues with incorporating SQL syntax with PHP.

This is what I have, followed by the error I'm getting.

elseif ($_GET[action] == 'edit' & $_POST[username] != '') {
   $query="UPDATE users SET username='$_POST[username]', PASSWORD='$_POST[PASSWORD]', handle='$_POST[handle]', rank='$_POST[rank]', group='$_POST[group]', gender='$_POST[gender]', av='$_POST[av]' WHERE username='$_POST[username]'";
   mysql_query($query)or die(mysql_error());
   echo "Account successfully updated. Click [<a href='editor.php'>here</a>] to go back.";
}

You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 'group='admin3', gender='m', av='

http://'

WHERE username='polloc

I'm not sure what the problem is, can someone supply some help?

 

[cLFlaVA]

GROUP is a MySQL reserver word. I suggest you change the column name. Meanwhile, try using the back tick (under the escape key).

$query="UPDATE `users` 
        SET `username` = '$_POST[username]', 
            `PASSWORD` = '$_POST[PASSWORD]', 
            `handle` = '$_POST[handle]',
            `rank` = '$_POST[rank]',
            `group` = '$_POST[group]',
            `gender` = '$_POST[gender]',
            `av` = '$_POST[av]'
        WHERE `username` = '$_POST[username]'";

*cLFlaVA
----------------------------
A pirate walks into a bar with a huge ship's steering wheel down his pants.
The bartender asks, "Are you aware that you have a steering wheel down your pants?"
The pirate replies, "Arrrrr! It's driving me nuts!